The Federal Parliament has suffered a cyber breach and various media outlets are reporting that security agencies are investigating if China is the possible source.
Sources have told the ABC the attack was detected in its early stages but authorities are yet to determine if data had been stolen during the breach.
A joint media release from house of representatives speaker, Tony Smith, and president of the senate, Scott Ryan, confirmed the attack, revealing all users of the parliamentary computer network — the system used by MPs, senators and their staff — have been required to change their passwords.
“We have no evidence that this is an attempt to influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes,” the parliament’s presiding officers said in a statement.
“Accurate attribution of a cyber incident takes time and investigations are being undertaken in conjunction with the relevant security agencies.”
- Read more: Cover Story: In The Lead Up To This Year’s Election, Digital Discord Is Brewing In Australia
Australia’s top security agency for foreign signals, The Australian Signals Directorate, is reportedly assisting in the response to the incident has not confirmed the ABC reports that China was the suspected source of the attacks.
Earlier this week, the ASD revealed Australian Government agencies suffer a serious cyber attack around once a day on average.
Sources told the ABC the attack was “sophisticated this time around” but the response had been quick.
However, Labor politicians and staff have said access to their emails had been intermittent. The attack does not affect the computer systems of government ministers and their staff, according to reports.
Breaches on the rise
Data breaches in Australia rose during the last quarter of 2018, according to the most recent report from Australia’s privacy watchdog, the Office of the Australian Information Commissioner.
Last year the Notifiable Data Breach Scheme was introduced in Australia, requiring most organisations with a turnover above $3 million to report any breaches likely to result in serious harm to the individuals affected and Australia’s privacy watchdog.
The latest quarter revealed a peak in the amount of breaches caused by malicious actors, which now represent 64 per cent of the reported breaches. But generally the split of data breach causes has been around two thirds malicious actors, one third human error and a small amount down to system faults.
Most breaches affect a small number of people. According to the recent quarterly report, 60 per cent of reported breaches involved the personal information of fewer than 100 people.
“Preventing data breaches and improving cyber security must be a primary concern for any organisation entrusted with people’s personal information,” said Australian information commissioner and privacy commissioner Angelene Falk.
“Employees need to be made aware of the common tricks used by cyber criminals to steal usernames and passwords.”
The private health sector has so far been the worst offender in regards to reported breaches every quarter.