Australian F-35 jet data stolen likely by Chinese hackers


Fri, Oct 13, 2017 - Page 1

Sensitive data about Australia’s F-35 jet and P-8 surveillance aircraft programs were stolen when a defense subcontractor was hacked using a tool widely used by Chinese cybercriminals, officials said yesterday.

The 50-person aerospace engineering firm was compromised in July last year, but the Australian cybersecurity agency, the Australian Signals Directorate (ASD), only became aware of the breach in November last year, technology Web site ZDNet Australia reported.

About 30 gigabytes of “sensitive data” subjected to restricted access under the US government’s International Traffic in Arms Regulations rules were stolen, ASD’s Mitchell Clarke told a security conference on Wednesday, ZDNet said.

Clarke, who worked on the case and did not name the subcontractor, said information about the F-35 and the P-8 were lifted.

Another document was a wireframe diagram of one of the Royal Australian Navy’s new ships, where a viewer could “zoom in down to the captain’s chair.”

The hackers used a tool called “China Chopper,” which, security experts say is widely used by Chinese hackers, and had gained access via an Internet-facing server, he said.

In other parts of the firm’s network, the subcontractor also used Internet-facing services that still had their default passwords “admin” and “guest.”

Those brought in to assess the attack nicknamed the hacker “Alf” after a character on Australian soap opera Home and Away, Clarke said.

The three-month period when they were unaware of the breach they dubbed “Alf’s mystery happy fun time.”

“The information they have breached is commercial,” Australian Minister for Defence Industry Christopher Pyne said. “It is not classified and it is not dangerous in terms of the military.”

Pyne added that Australia was increasingly a target for cybercriminals as it was undertaking a massive A$50 billion (US$39 billion) submarine project, which he said was the world’s largest.

Australia has also committed to buy 72 F-35A aircraft for A$17 billion.

He would not comment who might be behind the breach, saying only that the government was spending billions of dollars on cybersecurity.

Western governments have long accused hackers in China of plundering industrial, corporate and military secrets.

The revelations came just days after Australian Minister Assisting the Prime Minister for Cyber Security Dan Tehan said there were 47,000 cyberattacks in the past 12 months, a 15 percent jump from the previous year.

A key concern was 734 attacks that hit private sector national interest and critical infrastructure providers during the period.