In November 2016, the Australian Signals Directorate (ASD) was alerted by a "partner organisation" that an attacker had gained access to the network of a 50-person aerospace engineering firm that subcontracts to the Department of Defence.
Restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and "a few Australian naval vessels" was among the sensitive data stolen from a small Australian defence contractor in 2016.
The secret information was restricted under the International Traffic in Arms Regulations (ITAR), the US system designed to control the export of defence- and military-related technologies, according to Mitchell Clarke, an incident response manager at the ASD who worked on the case.
One document was a wireframe diagram of "one of the navy's new ships". A viewer could "zoom in down to the captain's chair and see that it's, you know, 1 metre away from nav chair", Clarke said.
The data theft was first reported on Tuesday as part of the 2017 Threat Report from the Australian Cyber Security Centre (ACSC). Little information was given at the time. The victim was described as a "small Australian company with contracting links to national security projects". The attacker had "sustained access to the network for an extended period of time" and had stolen a "significant amount of data".
Clarke provided significantly more detail in his presentation to the national conference of the Australian Information Security Association (AISA) in Sydney on Wednesday. (end of excerpt)
Click here for the full story, on the ZD Net website.