Oct 12, 2017

Hack of defence firm reveals a cybersecurity framework in chaos

While endlessly talking about the importance of cybersecurity, the government has an all-care-no-responsibility attitude toward its defence data.

Bernard Keane — Politics editor

Bernard Keane

Politics editor

The revelation that an Australian defence subcontractor had a large volume of material on Australia's defence assets stolen in an "extensive and extreme compromise" should ring loud alarm bells in Canberra. Instead, it will likely pass with little interest. But be sure our enemies and allies have noted it.

They'll also have noted the head-in-the-sand reaction from the government, with Defence Industries Minister Christopher Pyne dismissing the incident as merely relating to commercial, not classified information, and that it wasn't the fault of the federal government that the subcontractor had poor security. Pyne was thereby demonstrating that the great advantage of outsourcing isn't so much that governments save money, as that they can avoid blame. You get to outsource responsibility, above all.

Free Trial

You've hit members-only content.

Sign up for a FREE 21-day trial to keep reading and get the best of Crikey straight to your inbox

By starting a free trial, you agree to accept Crikey’s terms and conditions


Leave a comment

18 thoughts on “Hack of defence firm reveals a cybersecurity framework in chaos

  1. old greybearded one

    Well Bernard, now they will know that the Flying Heap of Crap is just that.

  2. garydj

    Great article, Bernard. It’s amazing, but not surprising, the contrast between the claimed need for ever more monitoring of the activities of ordinary citizens and the ‘It’s not our fault’ attitude toward a major breach of IT security on defence procurement.

  3. Desmond Graham

    and Canberra wants to keep all the medical records in Australia in a computer in Canberra and bribing doctors with practice grants to join up – with a twist patients cannot access their notes . So when did you last have tonsillitis or gonorrhoea? I will just look at what the hackers have

    1. Srs21

      Well our ATO info is now O/S, Medical records on their way or have already landed. So I’ve been informed.

    2. Andrew Reilly

      What makes you think that the records will stay in Australia, rather than in an out-sourced data silo in India or Singapore or wherever? I’ve read that’s where our telephone call records are, at the moment, now that they must be stored for two years. Throw in enough delegation and sub-contracting and you’ve got no idea or control at all. Might just as well publish it on the dark-net in the first place, and cut out the middle-men.

  4. Dog's Breakfast

    IT security is difficult with the best set-ups and the best minds working on it, and at least half of those ‘best minds’ have to be non-IT people who can slap the IT geniuses when they make blanket statements that something is unhackable.

    It is in system design and thinking that IT security has to be met, and then use the best software and encryption beyond that. So often though the systems resemble colanders and the encryption is poor. It isn’t the ‘mum and dad’ company that created this problem, it is that a ‘mum and dad’ company were able to provide services that weren’t behind a firewall*, so that they couldn’t be hacked. By definition, the little guy isn’t going to have top secret government level hacking prevention software and practices.

    * firewalls are often not firewalls at all, but papier mache soaked in metho.

  5. zut alors

    It’s no less than astonishing that Pyne & Co haven’t blamed this on Labor…yet.

    Kevin Mitnick (formerly one of the world’s most notorious blackhackers) has stated that nothing is unhackable especially if one has the means to fund the operation.

    1. klewso

      It’s early daze yet Zut, give Pyne time and enough heat, he’ll warp.

  6. John Hall

    Our Government hasn’t got a clue how to protect us. Joining every war with the US is only going to make things even more dangerous. Did Vietnam make us safer? Did invading Iraq make us safer? Did we help create ISIS? Which has a more Democratic type of Government – Saudia Arabia of Iran? Why is America selling massive arms to the Saudis – home of Bin Laden and most of the 9/11 attackers? Why is Trump keen on breaking a deal with Iran that is clearly being faithfully kept by Iran according to other Western leaders? Why doesn’t our Government have the guts to forge and independent Foreign Policy? We have moved from the teats of the UK to that of the US. Can’t we walk on our own yet? I fear we have very few courageous politicians and that fear is the only emotion they know how to engender. This latest stuff up merely proves that competence is very wanting too.

    1. Peter Wileman

      Quite right, but Gough’s Labor start to change the focus by visiting China. It appears to me that the coalition immediately change tack to seek the udder of the Yanks as soon as they get back into power. It’s a shame that we don’t even have the guts of our neighbours the Kiwi’s. They upset America by refusing access to their ports by nuclear powered ships. We do not have the courage to do that.

  7. Rais

    Why did we only find out a year later? Probably because they couldn’t keep the news from leaking out any longer.

    1. bushby jane

      And who told our mob anyway, because they didn’t find out by themselves; they were told by someone.

  8. graybul

    What’s it go under Christopher? What . . . . Amen?? . . . . Admin!

    OK . . . . Password? . . . . . 1234

  9. Srs21

    Such high security information and we out source. Betcha Russia, China,Iran and the other ilks would NEVER be so damn stupid to do so. What is wrong with us?

  10. klewso

    I’d find it hard to believe that work is farmed out to firms with so little regard for security; that no checks are carried out by the government to check the security of those firms – if it wasn’t this government farming it out.

Share this article with a friend

Just fill out the fields below and we'll send your friend a link to this article along with a message from you.

Your details

Your friend's details