Australian defence contractor Austal hit by data breach

The shipbuilder says its US operations are not impacted, as systems are not linked.
Written by Chris Duckett, Contributor

Australian prime defence contractor and shipbuilder Austal informed [PDF] the Australian Securities Exchange (ASX) of a data breach after the market closed on Thursday evening.

The company said it alerted "stakeholders" who were potentially hit by the breach, but said no information affecting national security or the company's operations was stolen, although a number of staff emails and phone numbers were taken.

"Ship design drawings which may be distributed to customers and fabrication sub-contractors or suppliers are neither sensitive nor classified," the company said.

Austal said the attacker attempted to extort the company, and the matter has been referred to the Australian Cyber Security Centre and the Australian Federal Police (AFP).

"Austal cannot provide any additional information at this time," the company told the ASX.

The company states that it has designed and constructed over 260 vessels for more than 100 operators in its 28-year history. Austal is involved in the United States Navy's Littoral Combat Ship program, and provides vessels to the Royal Navy of Oman. For Australia, the company constructs Cape-class Patrol Boats, as well as selling patrol boats to Yemen, Bermuda, Kuwait, Malta, and Trinidad and Tobago.

Austal also subcontracts to NAB to build ships for Defence.

In October 2017, ZDNet reported that the Australian Signals Directorate (ASD) disclosed the theft of around 30 gigabytes of data from an unnamed Australian defence contractor.

Restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition smart bomb kit, and "a few Australian naval vessels" was among the sensitive data stolen from a small Australian defence contractor in 2016.

The victim's network was small. One person managed all IT-related functions, and they'd only been in the role for nine months. High staff turnover was typical.

There was no protective DMZ network, no regular patching regime, and a common Local Administrator account password on all servers. Hosts had many internet-facing services.

The ASD's investigation found that internet-facing services still had their default passwords, admin::admin and guest::guest.

Related Coverage

How Australia's Department of Defence is using IBM Watson

The Department of Defence told ZDNet it has highlighted at least 14 use cases for its on-premises version of IBM Watson to use artificial intelligence to gain valuable insights out of its data.

Australian Air Force receives flight sensor tech from Defence

The government has unveiled a flight instrumentation kit with multiple sensors for in-flight tests for the Royal Australian Air Force, as well as virtual reality software for Adelaide-based Consilium Technology.

Defence backs Saber Astronautics with AU$1.2m contract for space security

Australia's Department of Defence has awarded Saber Astronautics a contract to detect 'degraded electronic signals' as part of its recent round of Defence Innovation Hub contracts.

Cyber defence goes missing in Australian Cabinet reshuffle

Prime Minister Scott Morrison's new ministry cuts the Australian government's focus on cybersecurity at exactly the time it needs it most.

Cyber Dam Busters could give Australia's military an asymmetric edge

A cyber offensive capability could knock out key infrastructure targets cheaper than conventional military kit, but Australia needs to get its messaging right to avoid triggering the neighbours.


Australian Defence Vessel Cape Fourcroy.

(Image: Australian Department of Defence/LSIS James Whittle)
Editorial standards