Published: Thu, October 12, 2017
Business | By Max Garcia

The Government Named A Hacker After Alf From "Home & Away" Because Australia

The target was described as a "small Australian company with contracting links to national security projects".

Restricted technical data on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and "a few Australian naval vessels" were among the data stolen from a small Australian defence contractor in November 2016.

The hackers have been given the code-name Alf, after the Home and Away character Alf Stewart.

The firm was subcontracted four levels down from defence contracts and had only one IT person. "It's just a thing we do", he said.

The stolen information fell under the International Traffic in Arms Regulations (ITAR), a U.S. regulatory regime that restricts and controls the export of defence and military related technologies.

The hack included information on the F-35 Joint Strike Fighter, C130 Hercules aircraft and the P-8 Poseidon surveillance aircraft. When BuzzFeed News sought a copy of the presentation directly from the department, a spokesperson for the Australian Cyber Security Centre provided a long response stating the data was not classified, without directly responding to the request.

"While presenting at a conference in Sydney, an ASD official (who works for the ACSC) disclosed information about the theft of data from an Australian company", the statement said.

Intelligence agency, the Australian Signals Directorate (ASD) revealed details of the hack, through the technology news website ZDNet, on Wednesday, after it was flagged on Tuesday by the minister for cyber security, Dan Tehan.

"Fortunately, the data that was taken was commercial data, not military data, but it's still very serious and we will get to the bottom of it".

A state actor has not been ruled out and it has been reported that a hacking tool, known as the Chinese Chopper, was used.

"It's not classified information".

Defence industry minister Christopher Pyne told the ABC on Thursday he does not know who the hacker is and indicated he would not tell if he knew, "It could be a state actor, a non-state actor".

The company had used default logins and passwords such as "admin" and "guest" and had only one person working on IT.

Like this: