Defence document leak was no accident, source says

By on
Defence document leak was no accident, source says

The alleged compromise of a highly confidential document from the Department of Defence was no accident, an insider says.

The document was allegedly stolen after a Defence official emailed the document to their home account, ABC's Four Corners reported.

Malware residing on the official's home computer then exfiltrated the document to servers in China, the TV program claimed.

A Four Corners source said Defence was a "victim of its own bad practices as much as the efforts of the hacking fraternity".

However, a Department of Defence source told SC a person stealing a classified document would need to deliberately circumvent security controls, and it was not possible to accidentally email the file to an external address.

“The idea that a highly classified document was emailed out is probably total bullsh*t,” the source said.

“The officer would have had to have gone through and edited the document to remove keywords. There are a lot of safeguards to stop Wikileaks-type scenarios.”

Security controls were in place at Defence to prevent sensitive documents from being copied off the network. Such documents were marked classified and were protected by data leak prevention (DLP) which searched for words and phrases that would prevent accidental or deliberate loss of sensitive information.

But DLP systems could be infamously porous and required significant fine tuning to work effectively.


Heightened state of risk

It comes as ASIO chief David Irvine said the new department headquarters was secure despite reports blueprints for the building had been compromised.

The head of the country's domestic security agency said it was frustrating that he could not  verify the ABC reports due to national security concerns.

Four Corners revealed through anonymous sources that the blueprints included details on the building's security systems, communications networks and server room locations.

Attorney General Mark Dreyfus said the building would not be redesigned as suggested by sources in the ABC program. They said ASIO would alternatively need to accept a heightened state of risk.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
asio defence department of defence security

Partner Content

Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Comms Group to spend $10m to buy TasmaNet business and assets

Comms Group to spend $10m to buy TasmaNet business and assets

Log in

Email:
Password:
  |  Forgot your password?