Written by staff writer.
The newly appointed National Cyber Security Co-ordinator says briefings from the Department of Home Affairs and HWL Ebsworth are among his top priorities. In his first public statement since taking up the role, Air Marshall Darren Goldie said via his official Twitter account on July 5 that the briefings were his “first order of business.”
“A number of Australian government entities have been impacted by the HWL Ebsworth cyber incident, with sensitive personal and government information released,” he said.
The April cyberattack on the law firm’s servers in Melbourne resulted in the theft of 3.6 terabytes of data, including sensitive information about the law firm’s work with approximately 60 government departments and agencies, plus scores of private clients, including many ASX-listed companies.
“I am actively engaging with HWL Ebsworth to understand the complete picture of this incident, including how their private industry clients have been impacted, as the data analysis continues,” said Goldie.
When Home Affairs Minister Clare O’Neil announced the appointment of Goldie to the freshly created co-ordinator’s role, she said the HWL Ebsworth attack was among the most significant experienced in Australia. “The Australian government is deeply concerned about it,” the minister said. “I would place it in the realm of the most significant cyber incidents that we’ve experienced as a country over the last year, along with Latitude, Optus and Medibank.’’
The Russia-aligned hacking group, BlackCat, a.k.a. AlphV, was behind the attack and has so far released around one-third of the stolen data after companies refused to meet ransom demands. BlackCat claims to have sensitive documents pertaining to the Australian Federal Police and Australian Defence Force, including information on military hardware acquisition programs, the Woomera missile site, immigration detention sites, and diplomatic initiatives.
“HWL Ebsworth is working with the Department to address the impacts arising from the incident,” said Goldie. HWL Ebsworth is one of the largest law firms in Australia and generates a significant volume of its fees from government work. The law firm has said little publicly about the attack, and its website contains a generic advisory that says a comprehensive investigation into the nature and impact of the cyber-attack is underway. “We are conducting a detailed and comprehensive review of the impacted data and informing impacted third parties and individuals as swiftly as we can,” a statement reads.
Despite Goldie’s appointment, Opposition cybersecurity spokesperson Senator James Paterson accuses the Albanese government of being on the back foot regarding the HWL Ebsworth matter and cybersecurity in general.
“It is not good enough that we keep learning by a drip feed in the media every week of a new government agency, or new pieces of sensitive information they were holding, that has been breached in the HWL Ebsworth attack,” he told media this week. “The government remains on the back foot, reacting to this crisis as it evolves. It’s long past time they fronted up and explained what they know about the severity of this attack and what sensitive information has been compromised.”
HWL Ebsworth says it has no intention of paying any ransom, arguing it would be unethical to do so and, given the option, would opt for sensitive client data to be released into the public domain instead.