The Australian Department of Defence yesterday emerged as the latest victim of a ransomware attack, and as has been the case with the other cyber incidents before it, it’s looking a lot more serious than first thought.
Brought to our attention by the ABC, the attack isn’t against the department itself, rather a communications platform used by military personnel and public servants from Defence.
The communications platform is called ForceNet.
ForceNet bills itself as a Defence e-communications platform used to “connect registered users within secure online communities”. It “facilitates auditable communication and information sharing, one to one and one to many, including targeted communications and support in emergency situations and to specific persons.” ForceNet is kind of like an internal social media platform.
At first, it was reported that Defence was told no data of current or former personnel appeared to have been compromised. Unfortunately, as was the case when Medibank first realised its systems had been breached, 40,000 records are at risk.
As The Guardian is reporting, the dataset was from 2018, with Minister for Veterans’ Affairs and Defence Personnel Matt Keogh saying it contained 30,000 to 40,000 records.
Per The Guardian, Keogh said Defence remained confident no personal data had been accessed, but was still working to confirm which current and former staff, including public servants employed by the department, could be affected by the ransomware attack.
While details on the ransomware attack are scant, the ABC did say that Defence staff had received a message from the Defence Secretary and Defence Chief that said the matter was being taken “very seriously”.
“We are taking this matter very seriously and working with the provider to determine the extent of the attack and if the data of current and former APS (Australian public service) staff and ADF personnel has been impacted,” the report quotes the message as saying.
“If you had a ForceNet account in 2018, we urge you to be vigilant but not alarmed.”
It’s the latest in a bunch of cyber attacks suffered by Aussie businesses, with Optus, Woolworths subsidiary MyDeal and wine dealer Vinomofo, in addition to the aforementioned Medibank breach, plaguing the mainstream media news cycle of late.
This isn’t the first security incident to hit Defence, however. Four years ago, to the day, defence contractor and shipbuilder Austal said it had suffered a data breach, with the attacker attempting to extort the company. A year prior, In October 2017, it came to light that the theft of around 30GB of data from an unnamed Australian defence contractor had occurred.
This article has been updated since it was first published.