Cyber Incident Victim: Department of Home Affairs
Date:
Oct 2023
Location:
Australia
Summary
The Department of Home Affairs experienced a distributed denial-of-service attack targeting its immigration and visa application portals, causing temporary inaccessibility and ongoing intermittent disruptions for users. Initial assessments confirmed no unauthorized access to personal or sensitive data, with the attack's intent appearing focused solely on service disruption. An investigation is underway, while criticism emerged regarding the department's cybersecurity resilience despite significant government investments in this area.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 6, 2023, the Australian Department of Home Affairs experienced a distributed denial-of-service (DDoS) cyber attack targeting its public-facing websites, including sections hosting visa and citizenship application services. The department first detected the incident overnight, with the attack overloading its systems to disrupt public access. This rendered critical online portals temporarily unavailable, preventing individuals from submitting or accessing immigration-related applications. The disruption persisted intermittently into the following afternoon, as reported by members of the public who contacted the ABC, indicating residual performance issues despite initial containment efforts. A DDoS attack functions by flooding a target server with excessive requests, overwhelming its capacity to respond to legitimate users—a method described in the department’s statement as increasingly common. Home Affairs confirmed the attack was deliberately orchestrated to obstruct website accessibility but emphasized no evidence suggested broader malicious intent beyond service disruption.
The department initiated an investigation immediately upon discovery, assessing technical logs and attack vectors to determine the origin and scope of the incident. Its public statement clarified that no departmental data holdings, including personal or sensitive citizen information, were compromised during the outage. Service restoration efforts commenced promptly, though intermittent accessibility issues indicated ongoing mitigation challenges. Greens Senator David Shoebridge publicly criticized the department’s cybersecurity resilience, citing the incident as evidence of systemic vulnerabilities despite substantial federal investments in cyber defenses. He characterized the shutdown as “disturbing,” particularly given Home Affairs’ role as Australia’s lead agency for national cybersecurity policy. The department maintained its focus on resolving residual technical impacts while reiterating the attack’s limited objective of disrupting public access rather than infiltrating or exfiltrating data.