Published: Fri, October 13, 2017
Medicine | By Melba Vasquez

Hacker codenamed 'Alf' from Home and Away stole data from defence subcontractor

Hacker codenamed 'Alf' from Home and Away stole data from defence subcontractor

Some 30GB of "sensitive data" subjected to restricted access under the U.S. government's International Traffic in Arms Regulations rules was stolen, ASD's Mr Mitchell Clarke told a security conference Wednesday according to ZDNet.

The subcontractor was reportedly a "small Australian company with contracting links to national security projects", and the hacker had been present in its systems from July 2016.

A year after attack, defense Industry Minister Christopher Pyne, who said y have not yet identified who stole confidential information, "I don't know who did it".

A state actor has not been ruled out and it has been reported that a hacking tool, known as the Chinese Chopper, was used.

Spain moves towards activating 'nuclear option' on Catalonia crisis
The crisis has caused deep uncertainty for businesses in one of the wealthiest regions in the eurozone's fourth-largest economy. Spain and Catalonia now enter into the unknown, as Madrid has repeatedly said independence is not up for discussion.

The ASD codenamed the hacker "Alf", a character played by Ray Meagher on Home and Away, Mr Clarke told the Australian Information Security Association conference. In 2011 for example, a major Japanese defence contractor was hacked.

ASD incident response manager Mitchell Clarke was quoted by ABC.net as telling a Sydney conference on Wednesday "the compromise was extensive and extreme". But he said the attackers gained entry by exploiting a 12-month-old vulnerability in the software that the contractor had failed to patch.

BuzzFeed News has obtained the audio of the presentation from reporter Stilgherrian, and in his presentation Clarke said the aerospace engineering firm in question had around 50 employees with just one IT person, and a "significant amount of data" was stolen over a period of around three months by the Alf hacker, which the ASD called "Alf's Mystery Happy Fun Time".

The federal minister for cybersecurity Dan Tehan revealed the breach earlier this week through the release of the Australian Cyber Security Centre's 2017 Threat Report, but provided no detail specifically about the Alf incident.

Equifax data breach fallout extends to UK
Consumers who had a phone number accessed will be offered a leading identity monitoring service for free. The mega breach of Equifax continues to prove even more disastrous with every passing week.

Stephen Burke, founder and CEO at Cyber Risk Aware, commenting on the news, said: "Yet again another example of "IT Admin" not carrying out IT Security best practices but more importantly other large firms not carrying out adequate third-party risk assessments".

"Moreover, with trust built on the users and applications - rather than the infrastructure - it becomes possible for organisations to embrace a security model built on breach containment, rather than prevention and detection alone".

Mr Clarke described the security breach as "sloppy admin" and said the organisation only had one IT person. "Which means that, in the inevitability of a breach occurring, the data to which hackers can gain access is constrained".

Facebook and Instagram back online after widespread outage
Facebook confirmed the outage, saying: "We're aware that some people are now having trouble accessing Facebook and Instagram". On Twitter , many users from several countries said they were unable to even access Facebook .

Like this: