With local municipalities, there is a local government
managing the business for the town, city, village, etc. Dependent on the size
of the municipality, the required governance may be significant, or lower. As each
of these grows, there tends to be more staffing required, larger networks, and
more responsibility to go around.
National governments are no different. As these have grown,
the infrastructure to support these likewise has grown to a critical mass. As
these agencies grow larger, they also tend to be more of a target. The
Australian parliamentary recently found this out, the hard way, or gave them
the opportunity to review their defensive cybersecurity posture.
As with any national government, there is a substantial
network infrastructure in place to support the computing activities. This was
recently attacked or as they put it, there was a “security incident on the
parliamentary computing network.” While some are calling this an attack, others
are also calling this a breach. The timing for this was curious. This occurred
merely three months prior to the Australian election.
This was not a substantial or prolonged attack. This was
focused on the parliamentary computer network. This includes database and email
systems. The attack occurred overnight. The initial incident response indicated
no data had been exfiltrated. This was still being investigated after the
attack. The authorities are also reviewing if a state actor had been involved.
Unfortunately, the attack methods have not been elaborated on.
This will prove to be the more interesting part. This could also be used as a
teaching tool, so that there would at least be some form of a benefit.
To be conservative and as an abundance of caution, all of
the passwords had to be reset. There were also other measures being worked on
to further secure the network.
This was not a new target. The US government has been hacked
several times over the years, with many different agencies, including the IRS,
OPM, and FDIC, to name a few. The week before the attack the British government
experienced a bit of this when their email and phone contact lists were
attacked. Also, the Scottish parliament email accounts were attacked unsuccessfully
in 2017. This list is not extensive by any means. There have been many more
attacks. Some known, most probably not published.
This exemplifies the need to have exercises for computer
cybersecurity. This requires regular audits and examinations to ensure the
system’s cybersecurity is up to date.
Resources
BeauHD. (2019, February 8). Australian parliamentary network
hacked in possible foreign government attack. Retrieved from https://it.slashdot.org/story/19/02/08/073241/austrailia-parliamentary-network-hacked-in-possible-foreign-government-attack
BBC. (2019, February 8). Australian parliament hit by cyber-hack
attempt. Retrieved from https://www.bbc.com/news/world-australia-47166590
Borys, S. (2019, February 7). China link possible in cyber
attack on Australian parliament computer system, ABC understands. Retrieved
from https://www.abc.net.au/news/2019-02-08/china-government-cyber-security-breach-parliament-hackers/10792938
Central Telegraph. (2019, February 8). China probed in
parliament hack attack. Retrieved from https://www.centraltelegraph.com.au/news/breach-of-federal-parliamentary-computing-network-/3642837/
Moderc, M. (2019, February 8). Australian parliamentary
network hacked; no sign data stolen. Retrieved from https://www.cnbc.com/2019/02/08/australian-parliamentary-network-hacked-no-sign-data-stolen.html
Remeikis, A. (2019, February 7). Australian security
services investigate attempted cyber attack on parliament. Retrieved from https://www.theguardian.com/australian-news/2019/feb/08/asio-australian-security-services-hack-data-breach-investigate-attempted-cyber-attack-parliament
Schwartz, M.J. (2019, February 8). Hack attack breaches Australian
parliament network. Retrieved from https://www.bankinfosecurity.com/hack-attack-breaches-australian-parliament-network-a-12012
The Associated Press. (2019, February 8). Australian
parliamentary network hacked; no sign of data stolen. Retrieved from https://abcnews.go.com/Technology/wireStory/australian-parliamentary-network-hacked-sign-data-stolen-60930659
Wroe, D., & Uhlmann, C. (2019, February 8). Federal MPs’
computer network hacked in possible foreign government attack. Retrieved from https://www.smh.com.au/politics/federal/federal-mps-computer-network-hacked-forcing-passwords-to-be-changed-20190208-p50wgm.html
No comments:
Post a Comment