Canberra: Chinese hackers reportedly attacked Australia’s Western parliamentary email network earlier this month as a part of a massive global cyber-attack involving Microsoft software.
The online strike, which was detected on March 4 in the middle of the state election campaign, prompted intervention from Australia’s cybersecurity watchdog in Canberra, reported Australian ABC.
“Please be advised that the Parliament mail server has been hit with a cyber-attack,” WA politicians were warned at the time.
“Consequently, the mail server will be down until further notice,” a text message sent by the Department of Parliamentary Services advised.
An investigation by Western Australia’s Parliamentary Services Department has since concluded no sensitive data was stolen in the attack.
“As soon as we became aware of the attack, we immediately disconnected the email server,” WA’s Executive Manager of Parliamentary Services Rob Hunter told the ABC.
On March 3, and again on March 9, the Australian Cyber Security Centre (ACSC) published an alert on its website urging organisations using Microsoft Exchange to urgently patch a number of vulnerabilities.
Earlier this month, Microsoft said that the flaw was being used by a Chinese state-sponsored hacking group to target a variety of organizations.
Cybersecurity group FireEye said in a blog post late Thursday night that hackers had been in at least one client’s system since January, and that they had gone after “US-based retailers, local governments, a university, and an engineering firm,” along with a Southeast Asian government and a Central Asian telecom group.
Last week, Australian Assistant Defence Minister Andrew Hastie told the ABC the government would not publicly discuss which public or private organisations may have been hit by the attack.
“It’s time we start thinking about the cyber domain as a battlefield and you certainly don’t advertise where you’re weak, wounded or vulnerable on the battlefield,” he said.
In a statement, the Chinese Embassy described the allegation behind the attack as “deplorable”.
Last year, Prime Minister Scott Morrison said that Australia’s government and institutions are being targeted by ongoing sophisticated state-based cyber hacks.
Morrison said the cyberattacks were widespread, covering “all levels of government” as well as essential services and businesses.
In 2019, the Australian National University said it had been hacked by a sophisticated operation that had accessed staff and student details.
Australia’s main political parties and parliament were hit by a “malicious intrusion” earlier in 2019, also attributed to a “sophisticated state actor”.