By Colin Packham
SYDNEY, Nov 13 (Reuters) – Australia’s chief cyber security said on Tuesday an investigation into the hacking of defence contractor Austal Ltd could take years, rejecting a local media report that his agency had concluded the attack originated from Iran.
Austal said earlier this month hackers had breached its defences to gain access to ship designs and that some staff email addresses and mobile phone numbers were accessed.
The attack triggered an investigation by the Australian Cyber Security Centre (ACSC), the country’s top cyber security unit. The Australian Broadcasting Corporation reported on Tuesday that the ACSC had determined criminals in Iran were behind the attack, but the ACSC rejected the news report.
“Some might have their suspicions but we can’t come to the conclusion that it came from any one country,” Alastair MacGibbon, head of the ACSC, told Reuters.
“It is easy to speculate but attribution can take months, even years.”
While the investigation continues, MacGibbon said the ACSC could yet determine the hack originated from Iran, which has been identified in recent years by Western intelligence services as a major source of cyber attacks.
A spokesman for the Iranian embassy in Canberra told Reuters that the country’s government was not behind the attack, though he acknowledged the presence of cyber criminals.
“It may be someone within Iran but it was not our government,” the spokesman told Reuters.
Austal makes defence vessels for several markets, including the United States. The company said its U.S. business was unaffected by the breach.
(Reporting by Colin Packham)