"This tradecraft is good. This actor is good," a senior intelligence source said. "It’s been a long time since we’ve been focused on an actor who has this level of sophistication." They have stressed they don't yet have the evidence to name a country. But China has been behind previous cyber attacks on Australian government systems including a 2011 hacking of the federal parliamentary email network and the 2015 hacking of the Bureau of Meteorology. The attacks raise significant questions about political parties' cyber security, with one leading expert - the Australian Strategic Policy Institute's Fergus Hanson - saying they were "sitting ducks". Prime Minister Scott Morrison revealed the cyber attacks on major parties to Parliament on Monday. Credit:Alex Ellinghausen There is no sign the Australian Electoral Commission has been affected.

Major parties have full access to the electoral roll and also gather extensive data on voters in order to target them during campaigns. It is understood the Liberal and National parties were more significantly affected than Labor. Cyber authorities from the Australian Signals Directorate discovered the attacks on political parties when they were investigating a breach of Federal Parliament’s computer network, which was made public earlier this month. Special Minister of State Alex Hawke, who is responsible for party funding, said the government would look at the reports about the attacks and "if more resources are needed, we'll consider that". Alastair MacGibbon, National Security Adviser and Head of the Australian Cyber Security Centre, addresses the media on the cyber attack. Credit:Alex Ellinghausen Prime Minister Scott Morrison announced the bombshell to Parliament on Monday, saying he had directed the government’s Australian Cyber Security Centre to help any party with "immediate support, including making their technical experts available".

The head of that centre, Alastair MacGibbon, said there was "no evidence that this is an attempt to interfere in our electoral processes". Loading But he also said: "We don’t know who is behind this, nor their intent." Asked what the hackers has accessed, he said: "We don’t know. These are very early days and a decision was made ... to go public and to take overt action to secure these systems." Asked if an MP could be blackmailed, he said: "We genuinely do not know."

Mr MacGibbon said that by moving quickly to neutralise the threat, authorities made a calculated decision to sacrifice some forensic evidence in a "risk-management exercise". Opposition Leader Bill Shorten said security agencies should not just be advising political parties but "actively assisting in their defence". "Political parties are small organisations, with only a few full-time staff. Yet they collect, store and use large amounts of information about voters and communities," he said. "These institutions can be a soft target." It is understood the hacker started prodding around the parliamentary and party systems in mid-November but the more serious action came in recent weeks. The malware’s signature is new and has not been seen before by Australian cyber spies.

It's understood an attack of this sort is seen as firstly an espionage operation. But any data stolen could be released to compromise or embarrass a political party or individual, at which point it would become interference, echoing Russia’s 2016 meddling in the US presidential election. Loading The skill was demonstrated by how the hackers got in and out, how they exercised so called "command and control" to direct the malware, and how they covered their tracks. ASPI’s Mr Hanson said the government was "splitting hairs" by saying there was no evidence of political interference when the three major parties had been hacked. "It’s pretty hard to see how we could possibly be talking about anything other than political interference,” he said.

The Coalition gave each of the major parties $75,000 in the last budget to improve their cyber security but Mr Hanson said this was not enough. "They’re sitting ducks … These are tiny, shoestring organisations that temporarily surge into massive organs during elections then disappear again into nothing. "They just aren’t equipped to handle complex and secure systems … The whole approach needs to be rethought." This could include an independent agency or more taxpayer funding for parties’ cyber security. Steve Ledzian, Asia-Pacific chief technology officer with the respect cyber security firm FireEye, said that even if there was no evidence of election interference, "the ramifications of intelligence collection may not be immediately evident".