Home Open Sauce Parliament hack: ASD cautious, but ABC jumps the gun on attribution

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

When news of the breach of the Federal Parliament network broke on Friday, the Australian Signals Directorate was quick to point out that attribution, if it was made, would take time.

In its statement sent to iTWire, (and presumably other media organisations), the ASD said, in part: " Proper and accurate attribution of a cyber incident takes time."

But the ABC apparently has better sources than the ASD because the taxpayer-funded broadcaster had already decided that China was behind the hack.

In its noon bulletin, hardly two hours after the news broke, ABC threw to its China correspondent, Bill Birtles, and asked him what China's reaction to the hack was.

One would not have been surprised if Birtles had asked, "Reaction to what?" Nobody in authority in Australia had made any claim of attribution, least of all the government. Thus, expecting China to react, was silly, at best.

Given that the hacked network is used by all parliamentarians, and an election is expected in May, anyone who breaks in could well be looking for dirt on some politicians in order to use it to advantage during the election campaign.

This is the most plausible explanation for a hack taking place at this time, and of this network.

And given that voting is compulsory in Australia — or at least showing up at a polling booth and getting one's name ticked off is a must if one wishes to avoid a fine — the extent to which any outside party can influence an election is much more limited than in the case of a country like the US where voting is left to individual whims.

This is not to say that China is ruled out as the country behind the hack – but it could also be anyone of a dozen other countries, not to mention private operators who are acting on behalf of an Australian political party. It could be someone who just wants to show that the parliament network has poor security, despite promises of its being beefed up after some earlier intrusions.

But the overriding fact is that one cannot attribute a network attack to anyone or any nation so fast – and even attribution done after months of painstaking work is often based on evidence that is at best flimsy.

The ABC only had to ask somebody who has some experience in network security and does not have an agenda. Instead it spoke to Fergus Hanson, the head of the International Cyber Policy Centre at the Australia Strategic Policy Institute, a lobby group for big defence outfits, and he stayed in line with the prevailing ABC wisdom – or lack of it, thereof.

The head of ASPI, Peter Jennings, had earlier gone on record with The Australian, saying that the fact that all parliamentarians had been asked to reset their passwords was an indication that this was a serious breach.

“If it has led to everyone having to change their passwords on the system that suggests there has been a reasonably serious breach and therefore you would have to question how adequate was the protection to begin with,” Jennings was quoted as saying.

In reality, changing passwords after a breach is an indication that the investigators are fairly sure that there has been no deep intrusion made into the system; it is the first bit of network hygiene, as even a junior sysadmin would confirm.

The ABC claims it is the most trusted source for news in Australia. If it continues in this jingoistic vein, it may well have to revise that slogan a fair bit.

CDAO SYDNEY TURNS 5 IN 2019

With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda

REGISTER HERE!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the sitecame into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect