Shipbuilder Austal a victim of a data breach, extortion attempt
An Australian shipbuilder has been hit by an extortion attempt, in which organised cyber criminals threatened to sell its data.
Australian shipbuilding firm Austal has been the victim of a major extortion attempt, in which organised cyber criminals operating out of the Middle East threatened to sell reams of data stolen from the company.
The Australian can reveal that Austal, which has contracts with the Navy and Border Force, lost up to 100 gigabytes of data after organised crime figures hit the company two weeks ago.
Defence Department officials are still combing through the information, which is being offered by the extortionists to the highest bidder on the dark web.
It is understood the material includes shipbuilding schematics and administrative data related to company operations, but at this stage there is no indication that sensitive national security information has been lost.
The material was held on an internet-connected network.
A source familiar with the breach said it was helped by Austal’s poor network security.
It is understood the attackers demanded a ransom but Austal refused, prompting the crime figures to try to sell the material on the dark web.
A tiny portion of the of the data appears to have been published on Twitter and is now being investigated by authorities.
Austal confirmed it had detected and responded to a data breach in which some staff email and mobile phone numbers were accessed.
“There is no evidence to date to suggest that information affecting national security or the commercial operations of the company has been stolen,” Austal said in a statement.
The Australian has been told the breach occurred in mid-October.
Investigations suggested the perpetrators were based in the Middle East, which one national security source said was unusual.
Eastern Europe is the main source for organised cyber criminals and extortionists.
There is no suggestion the breach was state-sponsored.
In a joint statement, the Defence Department, the Department of Home Affairs and the Australian Cyber Security Centre said they were aware of the breach and had referred it for joint investigation by the ACSC and the Australian Federal Police.
“As the investigation continues, the Department of Defence can confirm that no compromise of classified or sensitive information or technology has been identified so far,” the statement said. “Defence and the ACSC have provided cyber security assistance to Austal and are working with Austal to assess and mitigate harm.”
Austal is a prime defence contractor that makes vessels for numerous overseas markets, including the US.
The company said a small number of stakeholders affected by the data theft had been briefed.
The breach is an example of the kind of industrial espionage and extortion that companies are increasingly finding themselves exposed to. However, it is surprising that a company that regularly handles such sensitive national security information was so easily breached.
Australia is on the cusp of a defence industry boom with production of a new fleet or frigates and submarines slated to start in the years ahead and continue for decades to come.
The shipbuilding boom has prompted national security agencies such as ASIO and Defence to commit huge resources to protecting strategically sensitive information.
National security agencies expect areas such asAdelaide’s Osbourne shipyards — where most of the construction will occur — to be top espionage targets for foreign spy services, such as Chinese or Russian agencies.
Add your comment to this story
How Aussie spies beat ISIS
In late-2016, as coalition aircraft pounded Islamic State targets in Syria and Iraq, David Johnston issued a secret order.
Navy’s blaze chaos revealed
Extinguisher failure, untrained crew, faulty breathing gear. An explosion of fire at midnight met a perfect storm of problems.
To join the conversation, please log in. Don't have an account? Register
Join the conversation, you are commenting as Logout