The Australian government recently fell victim to a cyberattack being blamed upon a “sophisticated state actor”. No specific foreign nation or rogue regime has been named, but the widely believed presumption is that it was China.
On account of the cyberattack, the networks of all three of Australia’s major political parties – the Liberals, Labor and Nationals – were compromised. And the aftermath has forced all users of the Australian Parliament House network and their staff to reset their passwords as a precaution.
The exact motivation for the cyberattack and what information was targeted or obtained by hackers has not been disclosed, but the attack was a sophisticated infiltration deep into one of Australia’s most secure government networks. It is known that China has launched cyberattacks against their neighbors in Taiwan and Cambodia ahead of democratic elections, and this latest episode would fit that trend. But Australian Prime Minister Scott Morrison spoke out in response to the security breach, assuring the public that there was no evidence of electoral interference in the upcoming elections to be held in May.
This alarming cyberattack has come on the heels of Australian government’s controversial push to pass legislation that would require Australian-based companies to provide backchannels for online encryption. The legislation is intended to aide law enforcement and national security agencies with monitoring suspicious persons, but it strikes an Orwellian tone with privacy advocates who fear it is a recipe for abuse or risks creating vulnerabilities that will make loopholes for hackers. And in light of the recent breach of sensitive Australian government networks, it casts further doubt upon the wisdom of permitting the Australian government to have special access to the broader encryption of the Australian private sector.
Not to mention that Australia has a frustrating track record when it comes to parliamentary hacks. Back in 2015 China was accused of breaching the computers of the Bureau of Meteorology which cost the Australian tax payer millions of dollars to solve.
If the Australian government is going to be handed the keys to the proverbial kingdom, then it stands to reason that a serious breach of the government could lead to hackers compromising any of the government mandated encryption backchannels that they will control, with potential global consequences.
It appears that many of the privacy fears voiced by critics are becoming a real and present danger to Australia’s internet security. We hope in the coming elections that Australians make it clear to their elected officials that the best interests of the Australian people are with a safe and open internet, where government surveillance is not the expectation nor the law of the land. And that there will be a push to repeal and abandon any legislation that makes individual privacy secondary to ill-defined claims of national security without due process.