A criminal stole “a significant amount of data” in a hacking attack that targeted one of the busiest airports in Australia.
According to The West Australian, the breach occurred in March 2016 when a Vietnamese man named Le Duc Hoang Hai abused a third-party contractor’s credentials to access the systems at Perth Airport, the fourth busiest airport in Australia. Kevin Brown, chief executive of the airport, says Perth’s IT team ultimately detected the breach and notified both the Australian Cyber Security Centre and the Australian Federal Police. As quoted in a statement provided to 9News Australia:
The assistance and hard work of these two agencies has resulted in the successful identification and prosecution of the individual responsible for the cyber intrusion. Based on evidence gathered by the Australian Federal Police, it appears that credit card theft was the motivation for the illegal accessing of our system. No personal data of members of the public, such as details of credit card numbers, was accessed but other Perth Airport documents were taken.
Those documents included building schematics and details of physical security measures that staff had implemented at the airport.
Upon hearing from Perth Airport, the Australian Cyber Security Centre and the Australian Federal Police traced the attack back to Vietnam and tipped off local authorities. Vietnamese law enforcement subsequently began looking into the matter. Their investigation identified 31-year-old Hai as the culprit responsible for hacking not only Perth but also additional targets in Vietnam including banks and an online military newspaper.
Perth was Hai’s only Australian target.
Vietnamese police thereafter arrested Hai. In early December 2017, a military court ordered him to serve four years in prison for his digital offenses.
Prime Minister Malcolm Turnbull’s digital security adviser Alastair MacGibbon hasn’t found any evidence that Hai was working as part of a larger group or sold the stolen information. Even so, the hack to him constitutes “a sign of the type of work we are going to be doing a lot more of in the future.” That includes improving the security measures at Perth and other airports regarding what types of information third-party contractors can access.
This isn’t the first security incident to expose an airport’s sensitive data. News of this attack comes less than two months after Britain’s largest and busiest airport launched an investigation to determine how someone found a USB containing 2.5GB of its data on the street. That data included maps of CCTV cameras and other security measures.