blog Those of you with long memories will recall that some 12 months ago, Four Corners aired a controversial report claiming that several of Australia’s largest mining companies were under attack by Chinese hackers, with a view to siphoning off sensitive corporate information. This morning, that claim resurfaced again, fuelled by comments coming from a business lunch hosted by The Australian in Perth (click through to check out the whole article). And outgoing Woodside Petroleum chief executive Don Voelte made it clear it wasn’t just the Chinese:
“Let’s not focus this on the Chinese: I saw the number of attacks against our company over a time period,” he said. “It comes from everywhere. It comes from eastern Europe; it comes from Russia. Just don’t pick on the Chinese; it’s everywhere.”
The big miners are now apparently working with the Defence Signals Directorate and Attorney-General Robert McLelland on securing their infrastructure.
Now, the fact that these issues keep on coming up in public leads me to believe that there is something to them … however, as with the Four Corners report last year, the information released this week comes with no details. So far we have no information about what kinds of attacks these are, what information precisely is being targeted, what security is being put in place to defeat them, what evidence there is that it was “China” or “Chinese” behind the intrusions, and so on.
There is no doubt the security community is secretive. And there is no doubt that most large organisations won’t talk publicly about the details of electronic attacks on them — no matter whether the attacks are trying to shut down infrastructure or source corporate information.
But I think until we get more concrete details around this one, I fear that Australia’s IT industry — and the IT sector at large — is just not going to know what to think about this.
PS: If you’re reading this and work for a large Australian mining company … check out our anonymous tips page — our virtual doors are always open ;)
Image credit: engindeniz, royalty free
Having worked for a large company that was a target of similar attacks in the past, I think there’s likely some truth to these stories. You can’t publish too much because you don’t want the attackers to know how much you know. Sucks for public discourse on the topic, but the company has to put it’s own interests at heart here…
Comments are closed.