A mystery hacker codenamed after a larrikin Australian soap opera character has been revealed as stealing sensitive, high-level information about a $1.1 trillion defence project created by an alliance including Australia, the U.S, United Kingdom and Canada.
Commercially sensitive information on Australia's A$14 billion Joint Strike Fighter programme, its next fleet of spy planes and several of its naval warships have been stolen by hackers who breached a Australia Department of Defence contractor.
"While the Australian company is a national security-linked contractor and the information disclosed was commercially sensitive, it was unclassified".
"It included information on the (F-35) Joint Strike Fighter, C130 (Hercules aircraft), the P-8 Poseidon (surveillance aircraft), joint direct attack munition (JDAM smart bomb kits) and a few naval vessels".
Mr Clarke said the hack was "extensive and extreme" and took advantage of "sloppy" security at the contractor.
Mr Pyne says the incident is a reminder for businesses to take their cyber security very seriously.
Clarke also didn't rule out that a foreign government was behind the incident.
BuzzFeed News has obtained the audio of the presentation from reporter Stilgherrian, and in his presentation Clarke said the aerospace engineering firm in question had around 50 employees with just one IT person, and a "significant amount of data" was stolen over a period of around three months by the Alf hacker, which the ASD called "Alf's Mystery Happy Fun Time".
The P-8 Poseidon is the RAAF's soon-to-arrive fleet of new spy planes.
He indicated the hackers could have been a criminal group or state-sponsored hackers.
ASD when they investigated the hack found a China Chopper remote shell, a backdoor commonly used by Chinese hackers, and Clarke said that ASD found that the Alf hacker had been attempting to use this exploit on a number of Australian IT companies.
"I don't know who did it".
Australian authorities criticised the defence contractor for "sloppy admin" and it turns out nearly anybody could have penetrated the company's network.
The username and password combination used to access the company's system was the default "admin" and "guest".
The ASD was tipped about the breach by "a partner organisation" in November a year ago.
'There's no way this one IT person could have done everything perfectly across the whole domain, ' said Mr Clarke. The company rang both the ASD and CERT hotlines but both organisations said they were not aware that their representatives were approaching the company.