Bureau of Meteorology attack was economically targeted: Frost & Sullivan

According to Charles Lim from research and consultancy firm Frost & Sullivan, the Bureau of Meteorology was intentionally targeted by threat actors to affect Australia's economy.
Written by Asha Barbaschow, Contributor

Charles Lim, industry principal of Cyber Security Practice at Frost & Sullivan, believes the cyber attack experienced by the Australian Bureau of Meteorology (BOM) in December was a deliberate attempt to cripple the nation's economy.

Addressing the Trend Micro Cybercrime 2016 Executive Threat Defence Summit in Sydney on Tuesday, Lim said the BOM was the intended target of the attack due to its impact on the production of produce in Australia.

"You are wondering why anybody would want to hack into a system that predicts the weather forecast; if you think about it, in Australia and New Zealand, you have a big economy of agriculture," he said.

Based in the research firm's Singapore office, Lim said that more than 50 percent of the groceries his city-state consumes originate in either Australia or New Zealand, and Australia's economy is heavily reliant on its produce exports.

"[Australia has] a very big export base which is the food that is farmed in your country," he said. "If you get weather predictions wrong, that's going to affect your economy severely."

"These are the new areas cyber attackers are working on and we have to be concerned about that."

In December, the BOM said its systems were fully operational and reliable in response to concerns the weather bureau had suffered from a large breach.

"The bureau does not comment on security matters," it said. "Like all government agencies, we work closely with the Australian government security agencies."

When BOM officials faced the Senate Environment and Communications Committee in February, they were probed with questions pertaining to the breach, but remained tight-lipped on the details of the event.

"I can say a few things, the first is that there have been no security-related disruptions to our service delivery, to our ICT systems at all -- that's the first thing," BOM CEO Rob Vertessy said.

"The second is that it is well known throughout the internet and the systems that we all run in government and business that there are a range of threat actors out there that require gradually improving security posture for those agencies to minimise the risks of the violations.

"The bureau, like all agencies, has an active program of improving its ICT security posture and we are in the fortunate circumstance because we're rebuilding some of our ICT infrastructure chiefly around the supercomputer. We've got the ability now to redesign the architecture of our systems as such that we have improved ICT security."

When handing down his defence whitepaper in April, Prime Minister Malcolm Turnbull confirmed that the BOM was in fact a victim of a cyber attack.

"In this spirit of openness, and the need for clear leadership to break down a culture of denial as to the scope and scale of cyber threats, I can confirm reports that the Bureau of Meteorology suffered a significant cyber intrusion which was first discovered early last year," he said at the time.

The prime minister also told the nation to pay more attention to cyber safety by securing devices and protecting them with appropriate credentials, as well as regularly updating passwords and guarding them as though they were a banking personal identification number.

"We must pay special attention to unusual looking links in emails and other communications -- because, chances are, if something looks suspicious, it probably is," he said.

According to Lim, more than 50 percent of the world's cryptolocker ransomware attacks in 2015 were targeted towards Australia and New Zealand. He said this impacted the Australian economy by close to AU$17 billion.

He also said 29 percent of those total attacks were targeted towards the energy sector.

"Your energy sector is now actually becoming a big target for these kinds of threats," Lim said.

Updated 11.40 am AEST 11 May 2016: Comments were originally attributed to the wrong person.
