There are concerns sensitive data belonging to Australian companies and individuals may be among information exposed to hackers after Papua New Guinea’s tax office reportedly suffered a major cyberattack last month.
A “system outage” announced by PNG’s Internal Revenue Commission (IRC) on 29 January was the result of a cyberattack according to a report by ABC News, which said PNG citizens were yet to be informed about the incursion.
It is unclear who was behind the attack, as well as the nature and the volume of any information which may have been leaked.
ABC News reported the hack involved the IRC's Standard Integrated Tax Accounting System, known as SIGTAS, as well as its internet networks, phones, and email communications.
Several of the IRC’s core functions have reportedly remained offline for weeks since the incident.
Information Age has contacted the office of IRC Commissioner General Sam Koim for comment.
Security experts allegedly offered as support
Australia has reportedly offered cybersecurity experts to support the PNG government in the wake of the incident, but it remained unclear if that assistance had been accepted.
Australia's Department of Foreign Affairs and Trade (DFAT) and the office of PNG’s Minister for Information and Communication Technology, Timothy Masiu, were also contacted for comment.
ABC News reported the IRC had engaged an unnamed private company to assist in its recovery.
Local cybersecurity firm Cybersecurity PNG Limited said on Thursday that cyberattacks against government agencies were now “a present reality”.
“As PNG accelerates digital transformation, the urgency to fortify cybersecurity defences has never been greater,” it said in a statement.
PNG’s National Cyber Security Centre launched in 2018 with joint funding from the Australian and PNG governments.
PNG’s Department of Finance experienced a ransomware attack in October 2021, which also disrupted some of its systems.
In October 2024, Minister Masiu said while PNG had "made significant improvement" in its cybersecurity posture in recent years, the nation realised "there is still so much to do" to improve its ICT systems.
Australia's former foreign minister Marise Payne at the launch of PNG’s National Cyber Security Centre in 2018. Photo: DFAT / Supplied
Samoa points finger at China over breaches
Cybersecurity has been a key issue for Asia-Pacific nations in recent years, as some Western nations have sought to limit the influence of China in the region.
On Tuesday, 11 February, Samoa’s government blamed Chinese state-backed hacking group APT40 for a series of recent cyberattacks against the island nation and its Pacific neighbours.
The group, which has previously been blamed for attacks on nations such as Australia, New Zealand, and the United States, had “most recently been observed conducting operations directed at the sensitive networks administered by Pacific Island nations”, according to an advisory published by Samoa’s National Computer Emergency Response Team (SamCERT).
APT40 had used various types of malware and evasion techniques which allowed the group to “avoid detection and enable the exfiltration of sensitive data”, SamCERT said.
“We have observed the threat actor pre-positioning themselves in the networks for long periods of time and remaining undetected before conducting exfiltration activity,” the team added.
The techniques appeared to be similar to those allegedly used by APT40 to infiltrate Australian targets in recent years.
