Australia’s first national cyber crisis: Malicious intrusion into the Australian Parliament House computer network: ASD Annual Report 2018 – 2019


Reference to the ASD Annual Report, dated 10 October 2019, and the opening summary by Lieutenant-General John Frewen, Acting Director-General, “throughout 2018–19, Australia was targeted by a range of actors who conducted persistent cyber operations that posed significant threats to Australia’s national security and economic prosperity. The most concerning activity was the deliberate targeting of private and public sector organisations for valuable intellectual property, the personal information of Australians, and Australian Government and Defence information…There were significant phishing campaigns, business email compromises, cryptocurrency mining, credential harvesting and the use of ransomware.

It is clear that ASD’s operating environment will remain complex and challenging. We are mindful of major shifts in the strategic landscape, including security and stability across the Indo-Pacific. We face a rising threat to our national security, economic prosperity and social wellbeing from foreign interference, espionage and cybercrime.”

During 2018–19, the ACSC responded to 2164 incidents of varying significance, including Australia’s first national cyber crisis (C1). The C1 incident saw the ACSC operate at a heightened state of activity to provide advice and assistance to Australia’s major political parties and government agencies after they were targeted by a sophisticated state-sponsored actor. see Case study 1: Malicious intrusion into the Australian Parliament House computer network.

Of the other incidents reported to the ACSC, 40 per cent were for low-level malicious attacks, including targeted reconnaissance, phishing emails and nonsensitive data loss. Members of the public reported the highest number of incidents, making up approximately one quarter of all reports received.

“Cyber Incident Categorisation Matrix,  Includes number of incidents between 1 July 2018 and 30 June 2019.”

A copy of the ASD Annual Report is available at