Defence caught up in ransomware attack
Richard Marles says Australia's defence force must be equipped with high-end military capabilities. Photo: AAP
A communications platform used by the Department of Defence has been hit by a ransomware attack.
Hackers targeted the ForceNet service, which is run by an external provider.
Government officials said no data of serving or former military personnel appeared to have been compromised or stolen.
In an email to all staff, the Defence secretary said the matter was being taken “very seriously”.
The attack happened earlier this month.
Assistant Defence Minister Matt Thistlethwaite said the department was being prudent by notifying all personnel despite no information being stolen.
Defence has suggested its staff change their passwords and use two factor authentication.
“I want to stress this isn’t an attack or breach on defence ICT systems,” Mr Thistlethwaite told ABC radio.
“It’s on an external provider defence contracts to run one of their websites.”
Cyber support has been offered to military personnel who believe they may be affected.
Australia hit by data leaks
The news from Defence follows a recent series of high-profile hacks against major organisations that have left millions of Australians more vulnerable to financial and identity fraud.
On Wednesday, Medibank admitted every one of its four million customers, along with customers of its budget arm AHM, had their confidential information accessed in a data leak.
Information accessed includes personal data and ‘significant amounts’ of health claim information from Medibank and AHM customers.
“We have evidence that the criminal has removed some of our customers’ personal and health claims data and it is now likely that the criminal has stolen further personal and health claims data,” the company said in a statement on Wednesday.
This leak came on the heels of an Optus hack in September, which saw almost 10 million Optus customers and former customers have their sensitive passport, licence and Medicare details stolen.
Following the Optus hack, Treasurer Jim Chalmers announced the government will change telecommunications regulations to allow drivers licences, and Medicare and passport numbers to be temporarily shared with financial services to help make customers affected by the breach safer from identity theft and fraud.
Optus will be also be able to share that sensitive information with Commonwealth, and state and territory agencies to assist in fraud detection
But cyber crime experts say the government also needs to ‘backflip’ on how they deal with data breaches, and focus on the risk of data theft rather than focusing on individuals suspected of terrorism or other crimes.
– with AAP