Western Australia Premier's Office

The Office of Mark McGowan, also known as the Western Australia Premier's Office, functions as the administrative and operational hub supporting the Premier of Western Australia in executing governmental duties. Its activities include managing communications, policy coordination, and strategic initiatives related to state governance. The office handles sensitive information across domains such as public health and environmental management, reflecting its role in shaping regional policy. Its position as a high-level government entity makes it a strategic target for cyber espionage operations seeking geopolitical intelligence.

In January 2020, the organization suffered a sophisticated cyberattack attributed to the China-linked Naikon hacking group. Attackers delivered the novel Aria-body malware via a weaponized email attachment impersonating the Indonesian Embassy, compromising systems to enable remote control, data exfiltration, and keystroke monitoring. The breach specifically targeted staff engaged in ecological and health-related work, indicating intelligence-gathering objectives aligned with regional strategic interests. Detection occurred solely due to operational errors when malicious emails reached incorrect addresses, triggering server alerts. Forensic analysis revealed advanced evasion tactics, including self-modifying code and infrastructure hijacked from legitimate entities like the Philippines' Department of Science and Technology. This incident demonstrated the office's exposure to persistent state-sponsored threats despite lacking publicly disclosed cybersecurity capabilities or structural details. The campaign concurrently compromised multiple Southeast Asian government agencies and technology firms, underscoring the broader regional threat landscape facing governmental entities.