【News】Cyberattack Captures Data on U.S. Weapons in Four-Month Assault 4か⽉のサイバー攻撃で⽶国の武器データは盗まれた


 オーストラリア キャンベラ ー「Alf」というニックネームのサイバー攻撃者がオーストラリアの防衛請負業者のコンピューターにアクセスし、⾼度な⽶国の兵器システムに関するデータに4か⽉にわたって襲撃しました。

※ from The Wall Street Journal Oct. 12,2017 (有料サイト)

CANBERRA, Australia—A cyber attacker nicknamed “Alf” gained access to an Australian defense contractor’s computers and began a four-month raid that snared data on sophisticated U.S. weapons systems.
Using the simple combinations of login names and passwords “admin; admin” and “guest; guest” and exploiting a vulnerability in the company’s help-desk portal, the attacker roved the firm’s network for four months. The Australian military referred to the breach as “Alf’s Mystery Happy Fun Time,” referring to a character from the soap opera “Home and Away.”
The incident, detailed by a senior Australian intelligence official in a speech on Wednesday, was the third major breach of sensitive U.S. military and intelligence data to come to light in the past week.
On Tuesday, a South Korean lawmaker said North Korean hackers had accessed a military database and stolen top-secret files, including a plan for a decapitation strike against top leaders in Pyongyang. That followed reports that hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends its own.
The identity and affiliation of the hackers in the Australian attack weren’t disclosed, but officials with knowledge of the intrusion said the attack was thought to have originated in China. Alastair MacGibbon, the government’s chief cybersecurity adviser, said the type of information stolen made it more likely that the hackers were working for a foreign nation than for a criminal enterprise. …more