MPs' emails may have been hacked by foreign power

Federal MPs may have fallen victim to a “sophisticated” cyber attack on parliamentary computer systems that may have been perpetuated by a foreign government.

House Speaker Tony Smith and Senate President Scott Ryan confirmed in a joint statement that a security incident had impacted everybody with an Australian Parliament House email address, including politicians and their staff.

“The Department of Parliamentary Services and relevant agencies are working jointly to take the necessary steps to investigate the incident, while our immediate focus has been on securing the network and protecting data and users,” the joint statement read.

While an investigation into the incident is ongoing, there is currently no evidence to suggest any data has been taken or accessed.

Nor is there evidence to suggest that the attack was an attempt to “influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes”, according to the statement. But with the next federal election looming, political interference is one potential motive.

According to reports, the Australian Signals Directorate has been acting to lock down and protect the network as a result of the incident. All APH email holders have been asked to change their passwords in response.

WatchGuard Technologies ANZ Country Manager Mark Sinclair said the target and the sophisticated nature of the attack lends credence to speculation that the attack was executed by a foreign state-based actor.

“The fact that it is targeting an MP is a strong indication that it is a foreign nation. Any MP can be the target of such an attack, since the attacker may be able use it as a springboard to launch subsequent attacks on other MPs on the network,” he said.

“If this attack was the result of weak or stolen credentials, then the use of multifactor authentication will play a big part in preventing further attacks.”

Ping Identity APAC Regional Director Geoff Andrews said an effective multifactor authentication system should combine biometrics, passwords, and one-time codes or tokens.

“Sophisticated protections will overlay intelligent, dynamic step-ups in authentication based on other factors such as location, time, changing IP addresses or other behavioural characteristics,” he said.

Aura Information Security Australia Country Manager Michael Warnock concluded that the attack demonstrates the need for the Australian public sector to follow the ASD’s Essential 8 cyber threat mitigation strategies.

Image credit: ©stock.adobe.com/au/natali_mis

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.