China suspected of cyber attack on Western Australia’s Parliament during state election

Andrew Greene
Mar 17, 2021, updated Mar 17, 2021

WA has come under cyber attacks from China. Photo: Getty

Western Australia’s parliamentary email network was hit by suspected Chinese hackers earlier this month as part of a massive global cyber-attack involving Microsoft software.

The ABC has confirmed the online strike, which was detected on March 4 in the middle of the state election campaign, prompted intervention from Australia’s cyber security watchdog in Canberra.

“Please be advised that the Parliament mail server has been hit with a cyber-attack,” WA politicians were warned at the time.

“Consequently, the mail server will be down until further notice,” a text message sent by the Department of Parliamentary Services advised.

An investigation by Western Australia’s Parliamentary Services Department has since concluded no sensitive data was stolen in the attack.

“As soon as we became aware of the attack, we immediately disconnected the email server,” WA’s Executive Manager of Parliamentary Services Rob Hunter told the ABC.

The situation was resolved by the following morning … and a forensic audit found there was no data breach.’’

A week later, the Australian Cyber Security Centre (ACSC) warned all organisations and businesses using Microsoft Exchange products to urgently patch their software after it was compromised by hackers.

Thousands of Australian servers are believed to have been affected by the hack, although the federal government has not publicly identified any of the organisations or businesses hit.

WA MPs received a text message after the incident.

The ACSC has declined to comment on the attack against Western Australia’s Parliament but a spokesperson said many organisations were “yet to patch affected versions of Microsoft Exchange, leaving them exposed to potential compromise”.

Shadow assistant minister for cyber security, Tim Watts, has questioned why the federal government has not been more transparent about the cyber attacks.

“Our democratic institutions are the foundation of our national sovereignty – we shouldn’t be learning about an incident like this from the media,” he said.

“Now the Morrison government talks tough on cyber threats but the scandals engulfing the Defence Minister have distracted them from this really serious national security threat.”

Last week, Assistant Defence Minister Andrew Hastie told the ABC the government would not publicly discuss which public or private organisations may have been hit by the attack.

“It’s time we start thinking about the cyber domain as a battlefield and you certainly don’t advertise where you’re weak, wounded or vulnerable on the battlefield,” he said.

“In the same way, we’re not going to talk about organisations that have been targeted individually — we want Australians to take action, take a more defensive posture.”

It comes after a warning last year from federal government agencies, which believed China was the nation behind ongoing cyber attacks on Australian institutions.

While Prime Minister Scott Morrison said he would not formally name the state suspected of the attacks, senior sources confirmed China was believed to be behind the malicious attacks.

In the United States, the Biden Administration has urged IT administrators nationwide to install software fixes immediately.

“We encourage network owners to patch ASAP,” National Security Advisor Jake Sullivan tweeted on March 5.

Microsoft Exchange Server holds millions of corporate emails, calendars and rostering products and if hacked entire email inboxes could be wiped as well as stolen.

In 2016, a cyber security breach caused chaos with Western Australia’s communication networks and hindered a number of crucial operations.

A foreign government was suspected of launching a sophisticated cyber-attack on federal Parliament’s computer network two years ago, involving the installation of malware.

-ABC