Australian Parliament House

Summary

The Australian Parliament House network was breached by what security agencies assessed to be a state-sponsored actor in early February 2019. The attack compromised the computer systems of major political parties including the Liberal, Labor, and National parties, accessing email accounts and parliamentary systems. This represents one of the most serious cyber attacks on Australian democratic institutions.

Attack Vector

Hacking (State-Sponsored). A sophisticated state actor, widely reported to be linked to China, penetrated the Australian Parliamentary Computer Network (APCN) by exploiting vulnerabilities in Citrix software to gain remote access. The attackers gained access to email systems and may have maintained access for an extended period before detection. The attack used advanced persistent threat (APT) techniques characteristic of state-sponsored operations.

Consumer Impact

• National Security: This was an attack on democratic institutions rather than individual citizens
• Political Intelligence: Sensitive political communications, strategy documents, and party records may have been accessed
• Democratic Process: The breach raised serious concerns about foreign intelligence gathering on Australian political processes

Response

The Australian Cyber Security Centre (ACSC) led the response, immediately isolating affected systems and forcing a complete password reset across the parliamentary network. Prime Minister Scott Morrison publicly acknowledged the breach, describing it as a "malicious intrusion" by a "sophisticated state actor." The Australian Signals Directorate (ASD) conducted a full forensic investigation. Enhanced security measures were implemented across all parliamentary IT systems, including improved access controls, monitoring, and security training. The incident prompted a broader review of cybersecurity across federal government agencies.