Australia PM claims foreign country backed group led Parliament cyber attack

UK's National Cyber Security Centre reported that a group called APT10 was behind several large cybersecurity breach incidents.

Russian hacker stole more than 88,000 Singaporean accounts
Cyber Crime Reuters

Australian Prime Minister Scott Morrison said on Monday that the recent incident of the cyber attack on country's Parliament computer networks was carried out by a "sophisticated" hacking group, controlled by a foreign government.

Even though PM Morrison did not reveal the name of the country behind the cyber attack that took place on February 8, he told in Parliament in Canberra "During the course of this work, we also became aware that the networks of some political parties - Liberal, Labor and Nationals - have also been affected," adding that a "sophisticated state actor" was behind the cybersecurity breach.

Our security agencies have detected this activity and acted decisively to confront it. They are securing these systems and protecting users.

Let me be clear, there is no evidence of any electoral interference. We have put in place a number of measures to ensure the integrity of our electoral system.

As soon as the authority noticed that an unknown attacker tried to hack the systems, they started the investigation and followed a series of measures, such as reset the passwords, even though data was not stolen or damaged.

Last December, Australia joined US and UK in condemning the supposed campaign of cybersecurity violations on intellectual property and worldwide trade data attributed to China. As per these countries, a group, known as Advanced Persistent Threat 10 (APT 10), allegedly acted on behalf of the Chinese Ministry of State Security, to conduct a large scale cyber-attack in Europe, Asia and US.

UK's National Cyber Security Centre (NCSC) also said that as per a joint report by Recorded Future and Rapid7 APT10 of infiltrating the network of Norwegian cloud computing company Visma, which is one of the largest cloud service providers in Europe.

APT10, which is also known as Stone Panda, MenuPass and Red Apollo, has been active since at least 2009.

"Since then it has targeted healthcare, defence, aerospace, government, heavy industry/mining, Managed Service Providers (MSPs) and IT industries, among many other sectors, for the likely purpose of intellectual property theft," said NCSC.