"There is already a lot that we do online and a lot of work we do with our Five Eyes partners in this regard to either proactively neutralise the threat or deal with it as it becomes evident," Mr Dutton said.

National security experts said while Defence had a solid cyber security regime, it was badly exposed due to poor practices among many of its small and mid-tier suppliers.

These problems were highlighted by Mr Keelty's review, which took more than a year to complete and led to the establishment of a taskforce responsible for plugging the holes.

The taskforce's work and the initial review are classified and will not be made public, the Department said in a statement. It added the taskforce was scheduled to complete its upgrade of cyber defences by the end of this year.

"The review was wide-ranging and designed to ensure Defence security policies, systems and procedures were appropriate for the contemporary security environment," a Defence spokesman said.

"It was not conducted as a result of a specific threat or incident."

Defence and national security sources said a key recommendation of the Keelty review, being implemented by the taskforce, was forcing suppliers to adopt higher security standards in order to win contracts with the Department.


Cloud Hopper

Adrian Nish, the head of threat intelligence at British defence contractor BAE Systems and the author of a comprehensive report on state-sponsored hacking, said Western defence industry contractors were the original targets of the so-called "Cloud Hopper" attacks, first noticed in 2009.

Home Affairs Minister Peter Dutton has confirmed the effort to improve cyber infrastructure, revealing ASIO had been tasked with helping Defence contractors improve security and combat intrusions.

"Cloud Hopper" refers to the technique used by the Chinese group known as APT10 or Stone Panda to "hop" from cloud storage services into the main IT system of a department or company.

Mr Nish said the Cloud Hopper group had broadened its hacking from defence contractors to mining, engineering and professional service companies in recent years.

"It is still active," he said, noting the group was continuing to target outsourced IT services as a way to penetrate the main network of an organisation.

Mike Sentonas, a vice-president at cyber security firm CrowdStrike who has linked the Cloud Hopper attacks with China's Ministry of State Security (MSS), said Defence and other government departments had advanced protections in place and so hackers needed to find another entry point.

The hackers are understood to have used procurement interfaces and email contact between contractors and department officials as a backdoor to enter Defence's systems.


He said hackers focused on third-party suppliers as a way to "exploit the trust between an organisation, or government department and its business and technology providers".

The MSS has been accused of overseeing a surge in attacks on Australian companies over the past 12 months, in direct violation of a cyber security pact struck only last year between Beijing and Canberra.

The lack of attention to cyber security among government contractors was exposed last October when a Polish researcher discovered a cache of data left open in an Amazon cloud storage facility.

This included names, login information, phone numbers and credit card details for employees at the Department of Finance, Australian Electoral Commission and the National Disability Insurance Scheme, along with corporates AMP and UGL.

Other confidential information around salary, travel and invoices was also left unsecured.

"It wasn't a hack or something sophisticated," says the researcher who discovered the security flaw and goes by the name Wojciech.

"It was just one small fault, which could lead to havoc in these organisations."

Wojciech, who identified himself as a so-called "white hat" or ethical hacker, alerted the Australian Signals Directorate (ASD) to the poor security at the time.

ASD said it alerted the third-party contractor, which has never been identified, and the problems were fixed.

Crucially, however, ASD would not say if anyone else accessed the information prior to Wojciech identifying the problem. Speculation around Canberra is that other, more hostile, actors accessed the data, which could have been used for inserting malware or gathering human intelligence.