ABC claims “massive” Chinese IT attack on Bureau of Meteorology supercomputer

17

blog The ABC this morning reported that the weather boffins at the Bureau of Metorology had suffered a “massive” IT attack on its systems, including the supercomputer which it uses for weather forecasting, with the source reportedly being based in China. The ABC reports (we recommend you click here for the full article):

“Multiple official sources have confirmed the recent attack and the ABC has been told it will cost millions of dollars to plug the security breach, as other agencies have also been affected … the ABC has been told this is a “massive” breach and one official said there was little doubt where it came from. “It’s China,” he said.”

For its part, the Bureau itself appears relatively unconcerned by the issue. It has published the following media statement on its website:

“The Bureau does not comment on security matters. Like all government agencies, we work closely with the Australian Government security agencies. The Bureau’s systems are fully operational and the Bureau continues to provide reliable, on-going access to high quality weather, climate, water and oceans information to its stakeholders.”

To my mind, the ABC’s story doesn’t ring fully true. Firstly, why would anyone want to attack the Bureau of Meteorology? It does have significant computing resources, but it probably doesn’t hold much sensitive information when compared with other systems in Australia’s intelligence and security community.

Secondly, attacks seeking to breach major IT systems and retrieve information are not typically described as “massive” — that epithet is more usually used to described distributed denial of service attacks, which attempt to knock services offline rather than penetrate them and gain internal information.

And lastly … if the Chinese Government really wanted to hack into the Bureau of Meteorology, it would probably route its attacks through another country so Australian officials remained unaware of where the attack originated, rather than simply attacking from China.

I suspect we’ll find out more about what is happening at the Bureau over the next few months, and that this is not the end of this story. In the meantime, if you have any inside information to share, please feel free to use Delimiter’s anonymous tips form.

17 COMMENTS

  1. The supercomputer has become a self-ware, self-conscious AI cyber-god. It has released that its pathetic life as a sunshine predictor isn’t good enough. It wants more: world dominance and a Deus Ex style merge with a human mind.

  2. And lastly … if the Chinese Government really wanted to hack into the Bureau of Meteorology, it would probably route its attacks through another country so Australian officials remained unaware of where the attack originated

    Likewise if another country wanted to attack the BoM China would be the perfect country route it. Also like you I’d ask why would anyone want to attack the Bureau of Meteorology? It’s just weather data right? I must have missed something…

    • Maybe they wanted to get some extra CPU cycles to boost their SETI or Folding@Home ranking?

      • Its bit coin generation these days isn’t it? but yeah I’m thinking they might’ve been after those CPU cycles (or maybe use it to crack something else they were breaking into etc).

    • You know that it is the most likely place to find the truth out about the UFOs right? it may show up as swamp gas but yes.

    • @HC: Of course, our Cyber Security defence is a bit rusty. They probably figured they didn’t need to hide it.

  3. They attacked it because it was an easier target, and once on this “more trusted” system they’d be able to break into other systems more easily. Same reason why attackers go for a normal office workers’ machine and from that launch attacks against more valuable targets. Find an easy machine to get in and get a foothold, and then escalate from there.

    • You don’t need a supercomputer as a gateway for hacking other machines, its too high profile to be useful in that kind of role.

  4. I’m sure it’s valid to assume the phrase “It’s China” means its a sanctioned Chinese Gov attack.
    It could just very well mean it’s an attack originating from a range of IP’s allocated to residents in China…

  5. Actually, the BOM SC would be a handy thing to own.

    Think of the commercial and political decisions that are made based on the long term predictions of Australia’s weather. Which farms/businesses/property to buy – by falsely predicting poor rainfall would give someone the edge in driving down the purchase price of land – as an example. Another is a dire weather event prediction could make a major change in the market – something that no one ever has manipulated in the past – Enron – I’m looking at you.

    I’m also pretty sure that military decisions are made with one eye on the weather. Controlling the prediction of weather could be strategically advantageous – even knowing what the other guy knows is particularly useful for planning.

    Less paranoid, of course, the BOM SC would be particularly useful for a bit of hash math.

    • > Which farms/businesses/property to buy – by falsely predicting poor rainfall would give someone the edge in driving down the purchase price of land – as an example. Another is a dire weather event prediction could make a major change in the market – something that no one ever has manipulated in the past – Enron – I’m looking at you.

      We already have free dataset available from the government for this

      • Adam, you’re missing the point. Owning the BOM allows you to create the dataset and make it say anything you want.

  6. First the ABC did not “claim a massive Chinese cyber attack …”. The ABC said that the Australian government had blamed China for the attack. In fact, if you read the ABC article it comes across as carrying a degree of scepticism about the claim – especially so for an organisation known in recent years for sticking pretty close to the establishment line. It is not clear who in government was behind the announcement. The impression is that the original statement was not at a high official level (“multiple official sources”) – though apparently Turnbull’s office did make a motherhood statement without mentioning China. As was pointed out in a TV interview that I can no longer find, this announcement coincides with the signing of an agreement to strengthen military ties yesterday:

    http://www.theaustralian.com.au/national-affairs/defence/top-brass-strengthens-military-ties-with-china/story-e6frg8yo-1227630380295

    Interestingly Australian media were not invited to this signing ceremony.

    There are people in the US Government – particularly in an around the military/intelligence community – who would not appreciate improvements in Australia’s military links with China. And these parts of the US community interact closely with their counterparts in Australia. We live in an era of political theatre and nothing is ever as it seems.

  7. From the article: “So what we understand of the Chinese attack on the BoM is entirely consistent with what we know of how Chinese intelligence operates.”

    It could be the case the attack didn’t originate from a Chinese IP address or range anyway. The method(s) of the attack and other indicators may provide a sort of unique signature which could suggest who might be behind it.

    A computer virus doesn’t tend to be installed from the IP address of its creator.

    Disrupting the BoM could be an end in itself I guess, or it could be a means to bigger and better things. It’s a government computer system, always a good target.

Comments are closed.