PM orders probe after pollies' info stolen in hack
Prime Minister Malcolm Turnbull has ordered a report from his top cyber security adviser on a Yahoo data breach amid claims more than 3000 Australian government officials - including a federal minister - had private data stolen.
The Prime Minister confirmed he had not been a victim of the massive 2013 Yahoo data breach that has reportedly involved Australian diplomats, Defence officials and high-profile politicians.
Mr Turnbull said, based on what he had seen in news reports, it was unlikely there would be security issues with the politicians whose emails had been hacked.
Social Services Minister Christian Porter, Shadow Treasurer Chris Bowen, Victorian Premier Daniel Andrews, Liberal MP Andrew Hastie, Shadow Health Minister Catherine King and Liberal senator Cory Bernardi were among the victims of the hacking, ABC reports.
"I've seen the names in the paper, I'll obviously get a report from my cyber security adviser," he said, speaking on ABC radio today.
"The account details related to accounts in 2013.
"That may well have been before the Coalition was elected in 2013.
"Of course it begs the question as to what was in those accounts.
"Clearly in terms of classified government information [that] can only be transmitted or used on approved government communication systems.
"Based on what I've seen it would be very unlikely that, referring to the politicians involved that I've seen, that there would be security issues but we don't take any of this stuff lightly, complacently," he said.
"I'll be getting a report on this from my cyber adviser Alastair MacGibbon."
InfoArmor, a US cybersecurity firm which investigates data theft, told the ABC the data was stolen from Yahoo in 2013 by a hacker organisation from Eastern Europe.
Mr MacGibbon said the focus on MPs was misplaced.
"I think our focus on MPs and other government officials is probably missing the main point here, there are a billion personal email accounts that have been compromised by criminals," he told ABC.
"That's a staggering number by any measure.
"Really we should be focusing on the broader implications of this type of breach and to help educate the public on reducing the likelihood of these things impacting them, like changing their passwords, using two-factor identification on any service."
Mr MacGibbon said there was no indication sensitive government information had been on any of the accounts.
The revelations even had a positive aspect.
"We should be celebrating really that public officials and politicians maintain a personal email account and a public email account," he said.
The stolen database contains email addresses, passwords, recovery accounts, and other personal identifying data belonging to more than 3000 Australian officials.
Australian Federal Police officers, diplomats, judges and magistrates were also reportedly affected.
According to InfoArmor, the Yahoo accounts were sold to cyber criminals and what is believed to be a foreign intelligence agency for the equivalent of AU$401,400 each.
The ABC reports it was able to identify the Australian officials because they had used their government emails as backup accounts in case they forgot their passwords.
The Prime Minister's Cyber Security Special Advisor Alastair MacGibbon told ABC criminals could exploit the content of those accounts if, for example, the victim recycled a password.
InfoArmor's chief intelligence officer Andrew Komarov told the ABC the hackers were cyber-criminals motivated by profit, not a state-run entity.
Mr Komarov said the organisation had years to exploit the data, making it difficult to determine what happened and how many government employees could have been compromised.
"This group has no presence on any forums or marketplaces," Mr Komarov said.
"In the past they used two proxies: one for the Russian-speaking underground and another one for the English-speaking."
"They sell their data indirectly using some trusted channels, contacts and proxies.
"Not through any marketplaces or forums because of their security measures, they don't need it.
"They have pretty serious contacts in the underground and some trusted rounds of various cybercriminals with whom they work."
Most of the politicians reportedly affected by the hack declined to comment but one adviser told the ABC some accounts linked to politicians could have been set up by staffers.
A spokeswoman for Mr Porter told the ABC "as far as the Minister is aware he has never used a Flickr account", while a spokesperson for Senator Bernardi said "to the best of his knowledge, [senator Bernardi] doesn't have a Yahoo account."
A Department of Defence spokesperson told the ABC it had notified its employees after it was informed of the hack last October, via NSW Police, two months before Yahoo announced the massive breach.
Opposition leader Bill Shorten said launching an investigation into the breach now would be like "shutting the gate after the horse has bolted".
But he said the Opposition would work with the Government to reach out to businesses regarding data security to strengthen Australia's response against cyber crime.
"It is a timely reminder for all of those who keep secure information of people's passwords and important personal information electronically, we need to do more to protect that and there is a role for Government to liaise with business to ensure this breach which happened in the past doesn't happen in the future," he said.