"Cowardly" hackers infiltrate Australia's disaster alert system

Stolen login credentials were used to send out a false emergency message

A hacker was able to send out false emergency texts, emails and landline messages across Australia after gaining access to the country's early warning system.

The message sent out on Friday announced that the country's Early Warning Network (EWN) had been hacked and that personal data was vulnerable as a result, advising users to unsubscribe from the state-run service. It's believed a criminal had illegally obtained login credentials and was attempting to damage user trust in the service, rather than steal personal data.

Advertisement - Article continues below

The EWN is an information communication system that alerts the general public to natural disasters and imminent threats. Last month the service was used to alert residents in central Queensland during a devastating spate of bushfires.

The EWN said its staff were quick to identify the attack and shut down the messages early, but it's believed thousands of citizens may have received the alert.

"The unauthorized alert sent on Saturday night was undertaken by an unauthorized person using illicitly gained credentials to login and post a nuisance spam-notification to some of our customers," the company said in a Facebook post. "The link used in this alert were non-harmful and your personal information was not compromised in this event. Investigations are continuing with the Police and Australian Cyber Security Centre."

Advertisement
Advertisement - Article continues below

Despite the links in the message, these are in fact legitimate support websites and therefore users were not at risk of phishing attacks. There is also no indication at this stage that the hack was financially motivated. Speaking to ABC.net, EWN managing director Kerry Plowright said the breach is about ruining the service.

"This event did not compromise anybody's personal information," he said. "The actual data held in our system is just 'white pages'-type data, we deliberately don't hold any other personal information. The purpose of that notification from the person that sent it was to damage this business. It was malicious."

Advertisement - Article continues below

Acting Gladstone Mayor Chris Trevor referred to the malicious actors as cowards for infiltrating a system that saved lives.

"We fear that residents will now unsubscribe to a system that is so imperative when it comes to preserving life," he said. "There was no doubt that early warning system saved lives.

"Sadly we now have a coward or cowards who have attempted to infiltrate that system."

Advertisement

Recommended

Visit/security/cyber-security/355210/cyber-criminals-torn-over-how-to-adapt-to-post-coronavirus-threat
cyber security

Hackers torn over how to adapt their tactics to the coronavirus pandemic

3 Apr 2020
Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/business-strategy/flexible-working/355186/why-were-lucky-covid-19-has-come-now
flexible working

Why we’re lucky COVID-19 has come now

3 Apr 2020