A major cyber attack on Australia’s Bureau of Meteorology (BoM) recently compromised sensitive computer systems throughout the country’s Federal Government, the Australian Broadcasting Corporation reports.
According to the ABC, the damage could cost hundreds of millions of dollars to repair. The BoM is linked directly to several government agencies, including the Department of Defense.
A separate?ABC report states that the breach began prior to September 2015, and that the BoM’s systems are still compromised. One official told the ABC that the attack was “intrusive and pervasive.”
While an unnamed government official told the ABC that the attack originated in China, Chinese foreign ministry spokeswoman Hua Chunying denied any involvement, saying, “As we have reiterated on many occasions, the Chinese government is opposed to all forms of cyber attacks. We have stressed that cyber security needs to be based on mutual respect. We believe it is not constructive to make groundless accusations or speculation.”
And as Nuix CEO Eddie Sheehey pointed out to The Australian, attack attribution is always difficult — even if the attack came from a Chinese ISP, it could have originated somewhere else. “Pointing fingers like that could get you in the wrong place because anyone could be using infected Chinese computers to mask their own identity,” he said. “There is lots of nation states, philosophical hackers, terrorist groups — they are doing this every single day of the week and we shouldn’t be that surprised.”
In a statement published yesterday, the BoM said it doesn’t comment on security matters. “Like all government agencies, we work closely with the Australian Government security agencies,” it said. “The Bureau’s systems are fully operational and the Bureau continues to provide reliable, on-going access to high quality weather, climate, water and oceans information to its stakeholders.”
TrapX general manager Carl Wright told eSecurity Planet by email that publicly reported breaches like these are just the tip of the iceberg. “Government agencies have relied on traditional defense-in-depth strategies which no longer appear sufficient to deter sophisticated attackers,” he said. “You have to ask the more important question, ‘What else is in the Australian government networks that has not been detected yet?'”
“The good news is the emergence of new technologies that can detect attackers that have already penetrated your existing cyber defense,” Wright added. “Government can then move decisively to stop and defeat those attackers and rapidly resume normal operations.”
Recent eSecurity Planet articles have examined how sharing threat intelligence can deter cyber attacks, and how to secure sensitive data in a post-perimeter world.