In its statement sent to iTWire, (and presumably other media organisations), the ASD said, in part: "Proper and accurate attribution of a cyber incident takes time."
But the ABC apparently has better sources than the ASD because the taxpayer-funded broadcaster had already decided that China was behind the hack.
In its noon bulletin, hardly two hours after the news broke, ABC threw to its China correspondent, Bill Birtles, and asked him what China's reaction to the hack was.
Given that the hacked network is used by all parliamentarians, and an election is expected in May, anyone who breaks in could well be looking for dirt on some politicians in order to use it to advantage during the election campaign.
This is the most plausible explanation for a hack taking place at this time, and of this network.
And given that voting is compulsory in Australia — or at least showing up at a polling booth and getting one's name ticked off is a must if one wishes to avoid a fine — the extent to which any outside party can influence an election is much more limited than in the case of a country like the US where voting is left to individual whims.
This is not to say that China is ruled out as the country behind the hack – but it could also be any one of a dozen other countries, not to mention private operators who are acting on behalf of an Australian political party. It could be someone who just wants to show that the parliament network has poor security, despite promises of its being beefed up after some earlier intrusions.
But the overriding fact is that one cannot attribute a network attack to anyone or any nation so fast – and even attribution done after months of painstaking work is often based on evidence that is, at best, flimsy.
The ABC only had to ask somebody who has some experience in network security and does not have an agenda. Instead it spoke to Fergus Hanson, the head of the International Cyber Policy Centre at the Australia Strategic Policy Institute, a lobby group for big defence outfits, and he stayed in line with the prevailing ABC wisdom – or lack of it, thereof.
The head of ASPI, Peter Jennings, had earlier gone on record with The Australian, saying that the fact that all parliamentarians had been asked to reset their passwords was an indication that this was a serious breach.
“If it has led to everyone having to change their passwords on the system that suggests there has been a reasonably serious breach and therefore you would have to question how adequate was the protection to begin with,” Jennings was quoted as saying.
In reality, changing passwords after a breach is an indication that the investigators are fairly sure that there has been no deep intrusion made into the system; it is the first bit of network hygiene, as even a junior sysadmin would confirm.
The ABC claims it is the most trusted source for news in Australia. If it continues in this jingoistic vein, it may well have to revise that slogan a fair bit.