Cyber Incident Victim: Austrian Parliament
Date:
Feb 2019
Location:
Australia
Summary
An attempted cyber intrusion targeted the Australian Parliament's computer network, prompting an investigation by authorities. While no evidence indicated that information was accessed or stolen, all parliamentary passwords were reset as a precautionary measure. Cybersecurity experts assessed the attack likely originated from a foreign state actor, though officials did not publicly attribute responsibility or disclose specific motives. The incident did not appear to target government agencies or seek to disrupt electoral processes, but opposition figures characterized it as a significant security alert. The breach attempt followed prior cyber incidents affecting other government entities, highlighting persistent vulnerabilities in political infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 8, 2019, Australian authorities disclosed an investigation into a cyber intrusion attempt targeting the federal parliament’s computer network. The incident prompted parliamentary officials to reset all passwords for lawmakers and staff as a precautionary measure, though they confirmed no evidence indicated unauthorized access to or theft of sensitive information. Prime Minister Scott Morrison acknowledged the breach publicly but declined to elaborate on its origin or technical specifics, emphasizing no government agencies or departments beyond the parliamentary network appeared compromised. The parliamentary network housed email communications, legislative documents, and other operational data used by elected representatives and their teams. Senior officials stated the intrusion showed no signs of attempting to disrupt or influence electoral systems or political activities, distinguishing it from interference-focused operations. Opposition Leader Bill Shorten characterized the event as a significant security alert requiring heightened vigilance.
The Australian Strategic Policy Institute’s Fergus Hanson speculated the attack likely originated from a foreign state actor, citing the sophistication required and the strategic value of accessing parliamentary correspondence, staffer communications, and internal deliberations. This incident followed a pattern of state-sponsored cyber operations against Australian institutions, including breaches of the Bureau of Meteorology and Australian Bureau of Statistics in 2015–2016, and a 2011 email compromise targeting cabinet ministers. While no specific nation was formally attributed in this case, domestic media historically linked similar incidents to China. The government’s response focused on containment through credential resets and network monitoring, avoiding public attribution or retaliatory measures. The breach underscored persistent vulnerabilities in political infrastructure but did not trigger reports of operational disruption or data exploitation.