iTnews

'Night Dragon' burns Gillard, Rudd?

By Staff Writers on Mar 29, 2011 4:26PM
'Night Dragon' burns Gillard, Rudd?

Ministers' emails laid bare to suspected Chinese hackers may make public sit up and take notice.

Australian Government ministers may have been partly to blame for hacks on their email accounts reported in News Ltd websites today.

The Parliament House email accounts of Prime Minister Julia Gillard, foreign minister Kevin Rudd and those of other ministers were allegedly compromised and potentially thousands of emails accessed, according to  the Daily Telegraph, which quoted unnamed sources.

The Sydney paper quoted those familiar with the case of suspecting Chinese hackers were involved, ferreting out information related to Australian mineral exports.

It was unknown if the attacks believed to be underway since last month were related to an operation dubbed 'Night Dragon' by an anti-virus company that revealed last month the extent of Chinese intrusions against oil and gas companies seeking competitive bid information however the mode of attack was similar.

Attorney General Robert McClelland would not comment on the claims or say if an investigation was being conducted.

But the newspaper report said "four separate government sources confirmed that they had been told Chinese intelligence agencies were among a list of foreign hackers that are under suspicion".

It was believed that the Parliament House email system was not as secure as that used by ministers for confidential communication.

A well-placed internet industry source told SC Magazine that although the attacks were unfortunate they could have a silver lining if they elevated the issue of computer security in the public's mind: "If the PM can be hacked then anyone can be".

If the attacks proved true, Chinese hackers would not have had a high bar to vault.

Auditor warnings too late

A report last week by the Australian National Audit Office found that one in 10 of the passwords used by those in Gillard's department could be broken by brute force attacks, using common words found in the dictionary or the login name. It pointed out that simple, six-letter password can be "cracked in minutes".

Auditors probed:

  • Australian Office of Financial Management
  • ComSuper
  • Medicare
  • Department of the Prime Minister and Cabinet

"It is critical that agencies have an appropriate password policy that is consistently implemented, in order to manage the risk of attack from an external source," auditors wrote.

It recommended more complex passwords should be used and that access to webmail systems such as Gmail and Hotmail be blocked.

Although the office found some Government agency policies were dated, inconsistent between agencies and patches not applied in a timely way in half the agencies surveyed, agencies were generally operating according to principles laid down in operating procedures.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
bid chinese competitive gas hackers miners night dragon oil security

Partner Content

MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
MSI launches innovative new laptops
Partner Content MSI launches innovative new laptops
Improving returns from SD-WAN spending
Sponsored Content Improving returns from SD-WAN spending
NCS expands into Australia in partnership with Optus Enterprise
Sponsored Content NCS expands into Australia in partnership with Optus Enterprise

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity
Building a ransomware remediation backup strategy
Building a ransomware remediation backup strategy

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
By Staff Writers
Mar 29 2011
4:26PM
0 Comments

Related Articles

  • SolarWinds hackers accessed Microsoft source code
  • Hackers target groups in Covid-19 vaccine distribution
  • Microsoft says hackers targeting Covid-19 researchers
  • Chevron Australia has 'reservations' at govt asserting itself in a cyber attack response
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Telstra pilots its first neurodiversity recruitment program

Telstra pilots its first neurodiversity recruitment program

Accellion hack behind Reserve Bank of NZ data breach

Accellion hack behind Reserve Bank of NZ data breach

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Signal to ramp up hiring after WhatsApp controversy drives download surge

Signal to ramp up hiring after WhatsApp controversy drives download surge

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.