Share this article on:
The Department of Home Affairs cannot pin a 2023 distributed denial-of-service (DDoS) attack on a particular group, despite Russian hackers claiming responsibility at the time.
A spokesperson for the Department of Home Affairs has told Senate estimates that, despite a lengthy investigation, it has been unable to determine who was behind a cyber attack that took its website offline last October.
“As with most DDoS attacks, the threat actor disguised their activities through the use of multiple IP addresses, making the attribution of the origin difficult, if not impossible,” Home Affairs said in response to a question on notice, as reported by The Guardian.
“The investigation further confirmed the impact of the DDoS attack was designed to slow the ability of external users to access departmental website information. No information, including personal or sensitive information, was accessed by the threat actor.”
The department also said that security had been boosted and that it had “deployed additional technology to increase the department’s capability to proactively detect and respond to threats”.
However, despite the Home Affairs investigation not turning up a culprit, the pro-Russian hacktivist group Noname057(16) took responsibility for the hack at the time. The group boasted on its Telegram channel on 5 October 2023 that it was responsible for taking down the government site.
“A state from the distant mainland of Australia decided to keep up with the global Russophobic trend and announced the transfer of the Slinger ‘drone killer system’ to Kyiv,” Noname057(16) said at the time.
“It’s a shame (not really) that Australia doesn’t have systems in place to track our DDoS attacks!”
The justification for the attack was Australia’s support of Ukraine against the illegal Russian invasion. Three Slinger systems – a lightweight 30mm cannon system made by Canberra-based Electro Optic Systems Defence Systems – were ordered by Ukraine earlier in 2023, and a total of 10 Slingers were expected to be sent to Ukraine by the end of last year.
Noname057(16) has been in operation since March of 2022 and has been responsible for a raft of DDoS attacks against targets in the US, Europe, and elsewhere.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.