Authorities are investigating a “sophisticated” cyber security attack on Parliament’s IT network, with concerns a foreign government was behind the attempted attack.
Speaker of the House Tony Smith and President of the Senate Scott Ryan issued a joint statement last Friday morning confirming the “security incident”, which was discovered on Thursday night.
A “number of measures have been implemented” to protect from the attack, and all passwords of MPs and their staff have been reset due to an “abundance of caution”.
Smith and Ryan stressed that “there is no evidence that any data has been accessed or taken at this time”, but the attack is now subject of an ongoing investigation by authorities.
“The Department of Parliamentary Services and relevant agencies are working jointly to take the necessary steps to investigate the incident, while our immediate focus has been on securing the network and protecting data and users,” the statement said.
Concerns of foreign interference are heightened with a federal election only months away, but the government said that there is “no evidence that this is an attempt to influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes”.
The cyber attack was on the Parliament computing network which is used by all members of parliament and their staff – about 4000 people in total.
The Australian Signals Directorate said it is taking the “necessary steps” to “mitigate the compromise and minimise the harm” from the attack.
There have been “substantial strides in strengthening cyber defences” in the last five years, Smith and Ryan said.
“The methods used by malicious actors are constantly evolving.
“Since 2012, Department of Parliamentary Services has made substantial strides in strengthening cyber defences for the APH IT networks.
“While there is no guaranteed approach to cyber security, best practise is the ability to detect and remediate threats quickly. The department has done this working jointly with expert agencies,” they said.
There are early concerns that China may have been behind the security breach, but the government has said it is far too early to place the blame on any party.
“Accurate attribution of a cyber incident takes time and investigations are being undertaken in conjunction with the relevant security agencies,” Smith and Ryan said.
“We are not in a position to provide further information publicly at this stage. Updates will be provided to members and senators and the media as required.”
Addressing the media on Friday afternoon, opposition leader Bill Shorten said the cyber attack is a “wake-up call”.
“What I was thinking about this morning as we see the extent of the security necessary to restore the integrity of the system is are we doing enough in this country for small and medium businesses to help protect them?” Shorten said.
“The other thing which this is a wake-up call for is data. We give a lot of our data to the big international and multinational companies. It is very important to do more to protect our data.”