Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Australian Government ministers may have been partly to blame for hacks on their email accounts reported in News Ltd websites today.
The Parliament House email accounts of Prime Minister Julia Gillard, foreign minister Kevin Rudd and those of other ministers were allegedly compromised and potentially thousands of emails accessed, according to the Daily Telegraph, which quoted unnamed sources.
The Sydney paper quoted those familiar with the case of suspecting Chinese hackers were involved, ferreting out information related to Australian mineral exports.
It was unknown if the attacks believed to be underway since last month were related to an operation dubbed 'Night Dragon' by an anti-virus company that revealed last month the extent of Chinese intrusions against oil and gas companies seeking competitive bid information however the mode of attack was similar.
Attorney General Robert McClelland would not comment on the claims or say if an investigation was being conducted.
But the newspaper report said "four separate government sources confirmed that they had been told Chinese intelligence agencies were among a list of foreign hackers that are under suspicion".
It was believed that the Parliament House email system was not as secure as that used by ministers for confidential communication.
A well-placed internet industry source told SC Magazine that although the attacks were unfortunate they could have a silver lining if they elevated the issue of computer security in the public's mind: "If the PM can be hacked then anyone can be".
If the attacks proved true, Chinese hackers would not have had a high bar to vault.
Auditor warnings too late
A report last week by the Australian National Audit Office found that one in 10 of the passwords used by those in Gillard's department could be broken by brute force attacks, using common words found in the dictionary or the login name. It pointed out that simple, six-letter password can be "cracked in minutes".
Auditors probed:
"It is critical that agencies have an appropriate password policy that is consistently implemented, in order to manage the risk of attack from an external source," auditors wrote.
It recommended more complex passwords should be used and that access to webmail systems such as Gmail and Hotmail be blocked.
Although the office found some Government agency policies were dated, inconsistent between agencies and patches not applied in a timely way in half the agencies surveyed, agencies were generally operating according to principles laid down in operating procedures.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.