28 May 2013

Ghosts in the shell

| johnboy
Join the conversation
9

Four Corners have a big piece on the extent of Chinese hacking in Canberra.

While debate rages over Australia’s border security, there’s growing evidence that the greatest threat to Australia’s national security potentially comes from foreign computer hackers. Few in government or business will admit the full extent of the break-ins, with one expert calling it a “dirty little secret”.

Next on Four Corners reporter Andrew Fowler reveals that hackers, working from locations overseas, have targeted key Federal Government departments and major corporations in Australia. Their intention is to steal national security secrets and vital business information.

Speaking with security specialists and insiders, Four Corners also details a number of specific high level break-ins involving Government departments. In each case it explains how the security system might have been breached.

Join the conversation

9
All Comments
  • All Comments
  • Website Comments
LatestOldest

Grrrr said :

p1 said :

Perhaps the plans for things like ASIO buildings should not be put on computers?

Perhaps you mean “should not be on computers accessible by Chinese hackers, no matter how hard they try”?

Well, yes, that pretty much is what I thought. The plans, presumably, were drawn up on a pretty secure system, and not at that point hacked. They appear to have been hacked at a later time, when they had filtered down though various levels of security.

It is easy for me to say from the safety of hindsight, but maybe the actual contracting company didn’t need electronic copies on their own system?

Baggy said :

At the end of the day it takes only one person with a USB, or even plugging a phone into a PC to charge.

Not if the USB port on the classified PC has been disabled.

p1 said :

Perhaps the plans for things like ASIO buildings should not be put on computers?

Perhaps you mean “should not be on computers accessible by Chinese hackers, no matter how hard they try”?

Presumably these “blueprints” would have drawn a Secret / HP or higher classification. This would have meant that the information was to protected from attack by infrastructure that follows a set of strict and comprehensive rules that apply for that classification. Rules written by people who consider precisely this scenario and know what needs to be done to avoid it.

So the real question is, who was the idiot not following those rules, and why the hell didn’t an assessment pick up the problems?

I’m not sure I agree with all the Green’s statements but there sure needs to be some answers here – and someone deserves to not get paid.

p1 said :

Perhaps the plans for things like ASIO buildings should not be put on computers?

Iran’s Natanz reactor was completely offline, and yet Stuxnet (IIRC) still managed to get into the network. At the end of the day it takes only one person with a USB, or even plugging a phone into a PC to charge.

p1 said :

Perhaps the plans for things like ASIO buildings should not be put on computers?

So… pen and paper everything, photocopy and post details out to all involved? It’d be a massive undertaking in itself, impractical and impossible to enforce. Somewhere along the line someone would scan something and email it rather than posting it and waiting 3+ days.

Perhaps the plans for things like ASIO buildings should not be put on computers?

> there’s growing evidence that the greatest threat to Australia’s national security potentially comes from foreign computer hackers

Nonsense. It’s from chipseal roads.

The Greens want an inquiry and justice for local contractors.

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.