Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers

A “sophisticated state actor” conducted a cyberattack at Australia’s Parliament House this month that breached the systems of the nation’s major political parties, Prime Minister Scott Morrison said.

The systems of the ruling Liberal-National coalition parties and the main opposition Labor party were compromised, Morrison told parliament on Monday. He didn’t name the country suspected in the incident, and said there was no evidence of electoral interference ahead of an election expected to be held in May.

“The methods used by malicious actors are constantly evolving and this incident just re-enforces yet again the importance of cybersecurity as a fundamental part of everyone’s business,” Morrison said.

Australia has put “a number of measures” in place to enhance the integrity of the electoral system in the aftermath, Morrison said. The Australian Cyber Security Centre is working with global anti-virus firms to ensure it has the capacity to detect malicious activity, he added.

“Significant elections nearly always draw the interest of advanced attackers,” said Steve Ledzian, chief technology officer for Asia-Pacific at cybersecurity firm FireEye Inc. “A big question for Australian leadership is when will they start publicly attributing targeted cyberattacks. Disclosure alone helps raise awareness, but offers little deterrence for attackers.”

Concerns over cyberattacks aimed at disrupting elections have increased after U.S. officials accused state-sponsored Russian hackers of stealing and releasing emails from the Democratic National Committee in a bid to embarrass U.S. President Donald Trump’s opponent, Hillary Clinton.

Last week, the U.S. warned against cyber threats from Russia and China at a meeting of the North Atlantic Treaty Organization.

“I am referring to Russia, I am referring to China, I am referring to the evolving situation, infrastructure, cybersecurity, space,” Acting U.S. Defense Secretary Patrick Shanahan said in Brussels.

Chinese foreign ministry spokesman Geng Shuang on Monday refuted suggestions in Australian media that China could be behind the cyberattack on lawmakers.

“When conducting investigations, evidence is a prerequisite,” he said at a briefing in Beijing. “There should be no groundless accusations or reports.”

A bipartisan group of American senators last week introduced legislation to punish Russia for interference in foreign institutions, proposing sanctions targeting areas including the country’s cyber sector.

In December, the U.S. Justice Department announced indictments accusing Chinese officials of coordinating a decade-long espionage campaign to steal intellectual property and other data from dozens of companies, drawing a strong denial from China.

In recent years, FireEye has identified Chinese cyberattacks against politicians and media organizations in both Cambodia and Taiwan ahead of recent elections.

Australia blamed Chinese hackers for a 2015 cyberattack on its Bureau of Meteorology that cost millions of dollars to fix.