A hacker has stolen commercially sensitive data on sophisticated US weapons systems from an Australian defense contractor in a four-month attack on the company’s computers, the Wall Street Journal reports.
The attacker was nicknamed “Alf”, and the Australian military referred to the July 2016 breach as “Alf’s Mystery Happy Fun Time”, referring to a character from the long-running TV drama series Home and Away, the newspaper said.
The hacker used simple combinations of login names and passwords “admin; admin” and “guest; guest” to exploit a vulnerability in the company’s help-desk portal, the report said.
It was the third major breach of sensitive US military and intelligence data to come to light in the past week.
Reports on Tuesday said North Korean hackers had accessed a military database and stolen top secret files, including a plan for a decapitation strike against top leaders in Pyongyang. Earlier, reports said Russian government-backed hackers stole details of how the US penetrates foreign computer networks and defends its own.
The identity and affiliation of the hacker in the Australian attack were not disclosed, but officials with knowledge of the incident said the attack was believed to have originated in China, according to the Journal.
Mitchell Clarke, incident response manager at the Australian Signals Directorate, told a cybersecurity conference in Sydney on Wednesday that Alf obtained around 30 gigabytes of data on Australia’s planned purchase of up to 100 F-35 fighters made by Lockheed Martin, as well as information on new warships and Boeing-built P-8 Poseidon maritime surveillance aircraft.
The theft also included details of C-130 Hercules transport aircraft and guided bombs used by the US and Australian military forces.
“The compromise was extensive and extreme,” Clarke was quoted as saying.
– Contact us at [email protected]