Independent MP Zali Steggall’s WhatsApp account was hacked in March as part of a phishing scheme believed to have been orchestrated by the Russian government that led to the messaging platform being blocked on parliamentary laptops.
Officials from the Department of Parliamentary Services revealed at Senate estimates hearings on Monday that the WhatsApp accounts of a federal politician and three staff members were breached by a foreign state actor.
Both personal and government-provided devices were breached in the hacking scheme, prompting access to be shut for several days on laptops provided to federal politicians, their staff and public servants.
Steggall, who was in the headlines on Monday over reports that teal independents could form a political party, confirmed to this masthead that she had been hacked this year.
“My WhatsApp account was targeted as part of a broader cyber incident affecting parliamentarians and staff,” Steggall, the member for Warringah, said.
“The matter was immediately reported to the relevant parliamentary authority and the account was secured.”
WhatsApp is owned by Meta, the parent company of Facebook.
Opposition special minister of state James McGrath said the hacking incident was “just the latest failure in a series of events that are becoming far too frequent and putting parliamentarians and their staff at risk”.
Parliamentary sources, speaking on condition of anonymity, said the foreign state actor had not been officially identified but was widely believed to be Russia.
The FBI issued a public warning in March “about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services targeting commercial messaging applications”.
Two Dutch intelligence agencies warned in the same month that Russian intelligence operatives had “engaged in a large-scale global attempt” to take over WhatsApp and Signal accounts, including targeting high-profile individuals.
It was reported in April that the Signal accounts of hundreds of people in Germany – including the president of the federal parliament, other current parliamentarians and former intelligence chiefs – had been hacked.
“Although no one in Germany confirms this officially, authorities are quite confident Russia is behind the attack,” German newspaper Süddeutsche Zeitung reported.
The hacking victims received warnings purportedly from Signal support claiming someone had tried to take over their account and asking them to confirm access with a code. Those who complied gave attackers access to their Signal communications and contact lists.
This masthead reported in March that the Department of Parliamentary Services told staff it was temporarily blocking WhatsApp access on laptops on the parliamentary computing network because of phishing concerns.
“This is a temporary preventative measure to reduce risk,” the department said.
“Further updates will be provided once the assessment is complete.”
From our partners
Read the full article here
