Australian NSW Government Department of Resources and Energy under attack. Is it Chinese cyber espionage?

According to the NSW Government Department of Resources and Energy Chinese hackers have launched a malware-based attack on its network in December.

The Australian NSW Government Department of Resources and Energy revealed that in December 2015 unknown hackers targeted its systems. In the same period, the organization was launching a number of important projects, including a project of the Shenhua Watermark coal mine.

The project for the Shenhua Watermark coal mine has been estimated in $1.2 billion and indirectly involves the Chinese government, a circumstance that lead the experts in believing that Chinese-nation state hackers may have launched the attack for intelligence purpose.

“In December 2015, NSW Department of Industry IT security systems detected a marked increase in virus/security activity attempting to impact systems at the Division of Resources and Energy (DRE) office in Maitland. The attacks were identified by specialist software we have in place to detect breaches to our firewalls. Given the increased levels of activity we took further steps to ensure that our systems were protected. We do not believe that the attacks penetrated our systems or any data was accessed at this time.

The attack was in the form of an increase in “virus/security activity attempting to impact systems at the Division of Resources and Energy (DRE) office in Maitland”,  states the NSW Government Department of Resources and Energy in an official announcement. and steps were taken to increase security after the activity was detected.

The hackers coordinated a malware-based attack to hack into the Department’s network, the organizations already announced that steps were taken to increase security in response to the offensive.

It is not clear if the hackers successfully breached the network at the NSW Government Department of Resources and Energy, the New South Wales Opposition is calling for further investigation despite the officers believe that no data has been exfiltrated by the hackers.

“These reports are highly disturbing. I have sought a briefing from the minister and his agency as soon as possible. The Opposition will be seeking an assurance from the Baird Government that the integrity of the commercially sensitive data held by the Department of Industry has not been compromised.” declared the Australian politician Adam Searle to the ABC’s The World Today.

The experts speculate the involvement of Chinese hackers, the government of Bejing is considered responsible for a large number of cyber espionage operation worldwide.

“Well you don’t always know if you’ve been compromised in terms of cyber attack, so I think perhaps a more accurate way to put it would be to say they don’t think they’ve been compromised on this occasion. But if it’s like many other areas of government, they will be under constant attack, there will be sort of daily probes, hourly probes on the part of malicious cyber actors looking for vulnerabilities. ” added Peter Jennings, the executive director of the Australia Strategic Policy Institute.

“I think it is possible because we know China has one of the most aggressive cyber intelligence gathering policies around the world and that they are constantly looking to gather information, intellectual property, from the private sector as well as national security information from government departments.” “And in the case of Australia, obviously China has a deep interest in our approach to natural resources.”

In December, Chinese hackers have conducted another major attack on a supercomputer operated by Australia’s Bureau of Meteorology (BoM). The news was disclosed by the Australian Broadcasting Corporation (ABC). The Bureau of Meteorology is Australia’s national weather, climate and water agency, it is the analog of the USA’s National Weather Service.

“China is being blamed for a major cyber attack on the computers at the Bureau of Meteorology, which has compromised sensitive systems across the Federal Government.” states the ABC. “The bureau owns one of Australia’s largest supercomputers and provides critical information to a host of agencies. Its systems straddle the nation, including one link into the Department of Defence at Russell Offices in Canberra.”

The systems at the Bureau of Meteorology elaborate a huge quantity of information and weather data that are provided to various industries, including the military one.

Stay Tuned …

Pierluigi Paganini

(Security Affairs – NSW Government Department of Resources and Energy, hacking)