Chinese hackers take down Australian parliament email server

Recent reports indicate that parliament’s email system in Western Australia was attacked by a hacking group possibly associated with the Chinese government e-mail in the early month as part of a global hacking campaign through a compromised Microsoft solution. This incident has even required the intervention of Australia’s cybersecurity agency.

“Parliament’s email server has been affected by a cyberattack. As a result, the server will remain inactive until further notice,” notes the department of parliamentary services release.

On the incident, Australian authorities mention that threat actors failed to steal sensitive data: “As soon as we detected the incident, we decided to immediately disconnect the compromised server,” mp. Rob Hunter said: “The situation was resolved the next morning. A subsequent forensic audit concluded that there was no data theft resulting from the incident.”

In early March, the Australian Cybersecurity Center (ACSC) posted an alert on its website requesting organizations using Microsoft Exchange to upgrade to the latest available version. AcSC subsequently issued a broader technical notice warning that all organizations and companies that use Microsoft Exchange products must update to prevent attacks.

Although the government has not provided further details on the consequences of this attack, cybersecurity experts mention that thousands of users could have been affected. ASCS has refused to issue further comments, although it concluded by mentioning that there are still dozens of organizations operating without the necessary patches.

On the other hand, the shadow deputy minister of cybersecurity, Tim Watts, has questioned why the federal government has not been more transparent about this incident: “Our democratic institutions are the basis of our national sovereignty; we shouldn’t be wondering exactly what happened.”

Finally, although Prime Minister Scott Morrison said his administration would not formally rule on the operators of the attack, sources very close to the Australian government claim that this attack was commanded by China. In this regard, the Chinese embassy in Australia has anticipated this report, stating that these accusations are deplorable and are part of a systematic campaign against the Communist Party of China.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security Institute (IICS) websites.