Share this article on:
Hacking group Noname057(16) has taken down the websites of the Department of Home Affairs, the Administrative Appeals Tribunal, and the Immi Account portal websites in a targeted distributed denial-of-service (DDoS) attack.
On the threat actor’s Telegram channel, the hackers have said that the DDoS attack – which appears to be ongoing – is in retaliation for Australian support of Ukraine’s defensive war against Russia.
“A state from the distant mainland of Australia decided to keep up with the global Russophobic trend and announced the transfer of the Slinger ‘drone killer system’ to Kyiv,” Noname057(16) wrote overnight.
“It’s a shame (not really) that Australia doesn’t have systems in place to track our DDoS attacks!”
The hackers then issued a warning over continued support for Ukraine.
“We remind the Australian authorities that it is necessary to solve the problems of their citizens first, and sucking up to Ukrainian neo-Nazis will only lead to an increase in the number of cyber attacks,” Noname057(16) said.
Also included in the Telegram post was proof of downtime via Check Host, which showed the Home Affairs site down as of Thursday, 5 October, 12:02:23 UTC. As of writing, it still shows the Home Affairs website as down, though the site appears to be coming slowly back online despite being slow to load.
A Home Affairs spokesperson has confirmed that its online portals were disrupted from 10pm on October 5. The department's incident response plan was implemented, and access was restored by today, October 6, at 3:10am.
"The Department of Home Affairs is aware of a distributed denial-of-service (DDoS) attack on the department’s website overnight that briefly prevented access to both the website and online portals," a Home Affairs spokesperson told Cyber Daily.
"No departmental holdings, including personal or sensitive information, were accessed by the threat actor.
"An investigation into the circumstances surrounding the incident is under way, but initial assessments indicate that the DDoS attack was solely designed to prevent access to our websites," the statement concludes.
Slingers on the way
Three of the Slinger systems – a lightweight 30mm cannon system made by Canberra-based Electro Optic Systems Defence Systems – were ordered by Ukraine earlier this year. A total of 10 Slingers are expected to be sent to Ukraine by the end of 2023.
Ukraine’s ambassador to Australia, Vasyl Myroshnychenko, attended a test firing of the weapon system in August. Speaking at the recent Australian Defence Industry Awards, ambassador Myroshnychenko praised the Australian defence industry for its support of Ukraine.
“Ukrainians are extremely grateful for the support that the Australian government has provided – today, it is $890 million of assistance,” ambassador Myroshnychenko said. “Bushmasters have become iconic of the Australian support. That’s really a true demonstration of that Aussie mateship, of that Australian spirit, which is all there.”
Who is behind the hack?
Noname057(16) has been in operation since March of 2022 and has been responsible for a string of DDoS attacks against targets in Europe, the Baltic States, and the United States. The group posted a manifesto justifying their operations against Ukraine’s supporters.
“Hacker group NoName057(16) goes out on the warpath with Ukrainian sub-hackers and their corrupt servants!” the hackers said on their Telegram channel in March 2022. “These admirers of the neo-fascists, who have seized power in Ukraine, are trying to attack the internet resources of our country and intimidate our compatriots with their attacks orchestrated through the social networks and other communication channels.”
“In response to their pathetic efforts, we are conducting massive attacks on Ukropropaganda resources that brazenly lie to people about Russia’s special operation in Ukraine, as well as on the websites of Ukrainian grief-hackers who try to support the neo-Nazi regime of Zelensky and a handful of drug addicts and Nazis from his mob!”
Most recently, NoName057(16) successfully disrupted Poland’s rail network by utilising a simple radio command.
This article was updated on October 6 at 2:09pm to add a response from the Department of Home Affairs.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.