03 December 2015
by Primrose Riordan
Bureau of Meteorology hit by major Chinese cyber attack: reports
James Turner said that a nation state cyber attack is almost impossible to defend against entirely as they are so well funded.
The Bureau of Meteorology's computer system, which reaches throughout the bureaucracy, has been hit with a major cyber attack, likely emanating from China according to a report from the ABC.
The bureau said it was building the nation's largest supercomputers in July, worth $77 million, taking the number they own up to eight. The ABC reported that the bureau's computer system was also linked to the Department of Defence.
The BoM did not deny the reports in a statement on Wednesday. It said it does not comment on security matters, but that its systems were fully operational.
"Like all government agencies, we work closely with the Australian Government security agencies.
"The Bureau's systems are fully operational and the Bureau continues to provide reliable, on-going access to high quality weather, climate, water and oceans information to its stakeholders," the statement said.
The ABC said senior sources were saying the attack originated in China.
In April last year, security and parliamentary sources told The Australian Financial Review that Chinese agencies obtained remote, system administrator access to the Parliament's computer network.
Security experts told The Australian Financial Review it was impossible to determine the severity of the security breach without the government disclosing how long after the initial compromise it was discovered.
The longer a hacker is able to stay hidden within the systems, the more information they can harness or the more damage they can cause.
IBRS security advisor and spokesman for the Australian Information Security Association James Turner said China has its own supercomputers, so - if it was behind the cyber attack - it was unlikely to have been after the computing power. More likely it after the information assets on it or the information accessible via the bureau's connections.
BoM's systems are likely to be connected to numerous other government agencies' and also external systems at airports and some businesses.
Mr Turner said it was unlikely that the Chinese would be interested in taking out an Australian airport, and were more likely after information that could give the country a commercial advantage.
"We know that China has a dedicated unit in the PLA (People's Liberation Army) dedicated to cyber attacks, we know that they have a dedicated desk for Australia, so we can assert that they are looking for opportunities to gain economic advantage," Mr Turner said.
While the breach is likely to be seen as an embarrassment for Australia, Mr Turner said it would not be due to a lack of defensive planning. Rather that, in reality it was impossible to defend against concerted and determined cyber offensives.
"The bottom line is that if this is a nation state attack then it doesn't matter how good your defences are, because if they really want it, they will put the necessary resources into getting it," he said.
In a recent statement from the Australian Cyber Security Centre, said Australia "continues to experience increasingly sophisticated attempts to infiltrate its networks", ahead of the release of the government's cyber security strategy next year.