Sensitive information about Australia’s warplanes and navy ships have been stolen from a defence subcontractor, following an “extensive and extreme” cyber security breach last year.
“About 30 gigabytes of data was stolen, including information on Australia’s $ 17 billion Joint Strike Fighter program, and $ 4 billion P-8 surveillance plane project,” the ABC says.
“The breach began in July last year, but the Australian Signals Directorate (ASD) was not alerted until November. The hacker’s identity is not known,” the BBC says.
The breach reportedly gave the attacker access to “pretty much every server”, including the emails of the contractor’s chief engineer and a contracting engineer.
ASD incident response manager Mitchell Clarke told a security conference that the hacker had exploited a weakness in software the government contractor was using, which hadn’t been updated in more than 12 months, and that the contractor was using default passwords on some systems.