The Australian Parliament has reset all passwords on the parliamentary computing network following an unspecified security incident.
In a joint statement on February 8, the legislature's presiding officers – Speaker of the Australian House of Representatives Tony Smith, and Scott Ryan, President of the Australian Senate – said the action was "undertaken for abundance of caution" in response to an incident that occurred overnight and Friday morning.
"The Department of Parliamentary Services and relevant agencies are working jointly to take the necessary steps to investigate the incident, while our immediate focus has been on securing the network and protecting data and users," the officials said. "There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation."
Smith and Ryan also said they had no evidence that the incident represents an attempt to sway the upcoming election, due in three months time, or to disrupt the electoral or political process.
Citing unnamed sources, The Sydney Morning Herald, however, suggests a foreign government may have tried to hack Oz's parliamentary systems.
Australia has form on this
There's precedent for that. Australian government systems have been targeted frequently in recent years, like just about every significant military and economic power in the world.
In 2011, computers used by Australian Prime Minister Julia Gillard and two senior ministers were hacked and Chinese intelligence agencies were suspected. In 2013, Chinese hackers were blamed for pilfering the blueprints of the new Australia Security Intelligence Organization headquarters.
In 2016, Australian Prime Minister Malcolm Turnbull committed AUD$400m over ten years to improving cyber security. In 2017, Australian defense data was stolen. And in 2018, government officials blamed Russia for an attack on routers in Australia the previous year.
South Korea reckons mystery hackers cracked open advanced weapons serversREAD MORE
In December last year, in conjunction with the indictments of two men alleged to be Chinese government hackers by the US Justice Department and similar claims from UK officials, Alastair MacGibbon, the head of the Australian Cyber Security Centre, warned tens of thousands of Australian companies may have been compromised in the so-called Cloudhopper campaign against global IT service providers like HPE and IBM.
The statement from Smith and Ryan nonetheless maintains, "Since 2012, DPS [Department of Parliamentary Services] has made substantial strides in strengthening cyber defenses for the APH [Australian Parliament House] IT networks."
In a statement emailed to The Register, the Australian Signals Directorate, an intelligence collection and detection agency similar to the National Security Agency in the US, confirmed it is working with the Department of Parliamentary Services to secure the government's network but offered no indication about the suspected source of the attack.
"At this early stage our immediate focus is on securing the network and protecting its users," the ASD spokesperson said. "Proper and accurate attribution of a cyber incident takes time." ®