A communications platform used by Australian military personnel and defense staff has been hit by ransomware hackers, authorities said Monday, amid a recent spike in cyberattacks in the country.
Australian government’s defense department fears the personal data of military personnel, including dates of birth and other information, may have been compromised in the large-scale attack.
Hackers reportedly targeted the ForceNet service, one of the external providers that the department contracts to run one of its websites, with the company initially telling the defense department that no data of current or former personnel had been compromised.
"I want to stress that this isn't an attack or a breach on defense (technology) systems and entities," assistant minister for defense Matt Thistlethwaite was quoted as saying by ABC Radio.
"At this stage, there is no evidence that the data set has been breached, that's the data that this company holds on behalf of the defense."
Australia’s state media, however, cited knowledgeable sources as saying that the department believed “some private details such as dates of birth and dates of enlisting may have been stolen”.
A defense department spokesperson told Reuters in an emailed statement that it was examining the contents of the impacted data set and what personal information it contained.
Australia's minister for defense Personnel Matt Keogh said ForceNet held up to 40,000 records.
"I think all Australians, and rightly the Australian government, is quite concerned about this sort of cyber activity that's occurring, people seeking through nefarious means to get access to others' personal data," he said in a statement.
In their email to staff, the top officials at the department insisted that the hack of ForceNet was not an attack on the department's IT systems, but said the matter was being taken "very seriously".
"We are taking this matter very seriously and working with the provider to determine the extent of the attack and if the data of current and former APS [Australian public service] staff and ADF personnel has been impacted," they wrote.
Ransom software works by encrypting victims' data and hackers typically will offer the victim a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars.
Australia has been hit by a spate of cyber attacks in recent weeks, from telecommunication companies to health insurers.
Since late September, Australia’s No. 2 telecoms company Optus, owned by Singapore Telecommunications Ltd, and the country’s biggest health insurer, Medibank Private Ltd, have had their data hacked, exposing 14 million customer accounts, equivalent to 56 percent of the country's population.
Medibank last week said a criminal entity was behind the cyber attack on the company, managing access to the data of at least 4 million customers, including health claims.
A month earlier, Optus said a cyber attack exposed the data of almost 10 million Australians, with large amounts of data stolen from 2.8 million people.
Technology experts have attributed it to skills shortage among an understaffed, overworked cybersecurity workforce who are ill-equipped to halt cyberattacks.
With hacking software easier to acquire online and the shift to working from home leaving more weak spots in company networks, the number of data breaches has tripled globally in two years, according to cybersecurity industry research.
This week 37 countries, including Australia, will meet at the White House with the goal of tackling ransomware and other cybercrime.
The uptick has sent shockwaves through corporate Australia in particular due to the high visibility of targets and the sensitivity of their data, including millions of medical records.