WA Government 'targeted' by Chinese hackers with advanced cyberattack tool: report
Update: Western Australia's government has defended its security protocols after an employee was targeted in a cyber attack reportedly linked to the Chinese military.
The New York Times had reported a staff member in Premier Mark McGowan's office was the subject of the hacking attempt in January.
But a government spokesperson says the intended recipient of the email, sent from a hacked device in the Indonesian embassy in Canberra, was an employee of the Department of the Premier and Cabinet and not the premier's office.
"There is no evidence the premier's office has been hacked," the spokesperson said on Friday.
The article said the government employee had received an email, with a Word document attached, seemingly from a known contact at the Indonesian embassy.
The attachment contained an invisible cyber attack tool with "alarming new capabilities" which hackers could use to remotely take over a computer and copy, delete or create files, while also carrying out extensive searches of the device's data.
It was only detected because the hacker sent the email to the wrong address.
An investigation by Israeli cybersecurity company Check Point Software Technologies has identified the "Aria-body" tool as a weapon used by a group of hackers called Naikon that has previously been traced to the Chinese military.
The New York Times report said the hacker was able to take over the computer used by an Indonesian diplomat in Canberra, complete a document the envoy was working on, then send it to the government employee.
"The malicious email referred to in the article was detected by the Department of the Premier and Cabinet's email security and blocked," the government spokesperson said.
"This demonstrates the department has good protections in place, consistent with industry best practice."
PRIME MINISTER SCOTT MORRISON HAS REVEALED A THREE STEP PLAN TO ROLL BACK AUSTRALIA’S CORONAVIRUS RESTRICTIONS
MAN TO FRONT COURT AFTER ALLEGEDLY POINTING GUN AT WA POLICE DURING ESPERANCE ARREST
AUTHOR OF PRINCE HARRY AND MEGHAN MARKLE’S NEW BIOGRAPHY SAYS SUSSEXES 'DIDN'T EXPECT THINGS TO WORK OUT THE WAY THEY DID'
The incident was reviewed by the Australian Cyber Security Centre and the department's email security system and no further action was deemed necessary.
Thousands of malicious emails were blocked by the security system every week, the spokesperson added.
The premier earlier on Friday said he didn't know anything about the matter but it had been referred to his department's director-general.
“I don’t know anything more about it than an article or a line in a story in the New York Times,” he told reporters.
“As to who does these things or what happens or whether its even true, we’ll try to get to the bottom of it.”
Opposition spokesman Zak Kirkup said the premier should reveal what measures had been put in place to protect sensitive information.
“This information in the wrong hands could undermine or commercially disadvantage our largest employers and impact our already struggling economy,“ he said.
“Potentially sensitive information could also be used as leverage against the premier, his staff and the state of Western Australia as a whole.”