Ransomware hackers hit Aussie defense communications platform

Ransomware hackers hit Aussie defense communications platform


Ransomware hackers hit Aussie defense communications platform

Hackers have targeted a communications platform used by Australian military personnel and defense staff with a ransomware attack, authorities said on Monday, as the country battles a recent spike in cyberattacks across businesses.

The ForceNet service, one of the external providers that the defense department contracts to run one of its websites, has come under attack but so far no data have been compromised, Assistant Minister for Defense Matt Thistlethwaite said.

“I want to stress that this isn’t an attack or a breach on defense [technology] systems and entities,” Thistlethwaite told ABC Radio. “At this stage, there is no evidence that the data set has been breached, that’s the data that this company holds on behalf of defense.”

But some private information such as dates of birth and enlistment details of military personnel may have been stolen, the Australian Broadcasting Corp reported, citing an unidentified source with knowledge of the investigation.

Thistlethwaite said the government will view the incident “very seriously” and all defense personnel have been notified, with suggestions to consider changing their passwords.

A Defense department spokesperson told Reuters in an emailed statement the department was examining the contents of the impacted data set and what personal information it contained.

Ransom software works by encrypting victims’ data and hackers typically will offer the victim a key in return for ­cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars.

Some of Australia’s biggest companies, including No.2 telecoms company Optus, owned by Singapore Telecommunications Ltd, and the country’s biggest health insurer, Medibank Private, have had data hacked recently, likely exposing the details of millions of customers.

Technology experts said the country has become a target for cyberattacks just as a skills shortage leaves an understaffed, overworked cybersecurity workforce ill-equipped to stop it.