A nation-state was behind the recent cyber attack on the federal Parliament, and the networks of both major parties were also compromised, Prime Minister Scott Morrison has confirmed.
Speaking Parliament on Monday, Mr Morrison gave an update to the House on a cyber incident two weeks ago involving a breach of the parliamentary computing network.
The subsequent investigation has now discovered that the networks of the Liberal, Nationals and Labor parties were also impacted by the attack, and that a nation-state was behind it.
“Our cyber experts believe that a sophisticated state actor is responsible for this malicious activity,” Mr Morrison said.
“The methods used by malicious actors are constantly evolving and this incident reinforces yet again the importance of cyber security as a fundamental part of everyone’s business.”
He said that there is “no evidence” of electoral interference, despite a federal election looming in the coming months, and that a “number of measures” had been put in place to ensure the integrity of the electoral system.
“Our political system and our democracy remains strong, vibrant and is protected. We stand united in the protection of our values and our sovereignty.
The government has chosen to be transparent about these matters. This in itself is an expression of faith by our government in our democratic system and our determination to defend it,” he said.
Addressing the media after Mr Morrison’s comments, Australian Cyber Security Centre (ACSC) head Alastair MacGibbon said that the attacker was “sophisticated enough to compromise the network, but not sophisticated enough to stay undetected”.
“We don’t know who is behind this nor their intent. We know what they have affected and our job at the moment is in securing those networks. We of course will continue to work with our friends and colleagues here and overseas to work out who is behind it and hopefully their intent,” Mr MacGibbon said.
“During the course of the investigation into the network incident we uncovered that there were other networks affected. We’re still piecing together the sequence of events.”
The quick reaction from agencies unfortunately made it more difficult to uncover who was behind the attack, Mr MacGibbon said.
“By taking the extraordinarily fast remediation action that we have, by its nature unfortunately also does other unpleasant things, like removing some of the forensic evidence we’re interested in,” he said.
Opposition leader Bill Shorten also addressed the hack in Parliament, saying it is a “source of grave concern”.
“We cannot be complacent and, as this most recent activity reported by the Prime Minister indicates, we are not exempt or immune. We need every Australian equipped to protect our institutions, freedoms and values. It means improving awareness of cyber risks and strategies that guard against them,” Mr Shorten said.
“It means that we need to train up more Australians in our universities, TAFEs, research centres and our workplaces to fill national skill shortages and cyber security.”
Mr Shorten also said the incident demonstrates why the government needs a single point of call for cyber advice and incident management.
“The Commonwealth National Cyber Security Adviser is dual-hatted in this policy role reporting to the Secretary of Home Affairs, but also as operational Head of the Australian Cyber Security Centre reporting to the Director-General of Australian Signals Directorate,” he said.
“Some are concerned that this dual-hatting creates fragmentation and stove-piping. We need a cohesive, national approach – through the Cyber Security Centre as a single entity responsible for managing the cyber mission in totality, and reporting up through a single chain.
“We perhaps need to consider whether the ACSC should be the single point of contact and accountability for all cyber-related communication, reporting, incident response, crisis communication and management, threat intelligence capability, operations and policy.”