loader gif

Department of Parliamentary Services says February attack was 'detected early'

Department of Parliamentary Services says February attack was 'detected early' (Incident Response, Learnings)

The claimed state actor that hit Australia's Parliament and its major parties last month was detected early, Secretary for the Department of Parliamentary Services (DPS) Rob Stefanic has said. The inquiry is following up on a July 2018 Auditor-General's report that focused on the security posture of the Department of the Treasury, National Archives of Australia, and Geoscience Australia, with DPS added later on. The report found Treasury was compliant with the Australian Signals Directorate's (ASD) Top 4 mitigated strategies and was cyber resilient, the top level available, while the National Archives had "sound ICT general controls" but was not compliant with the Top 4, and Geoscience Australia was found to be vulnerable to cyber attacks. For its part, Geoscience Australia said it will complete a security improvement program in June 2020 that will implement the Top Four, with the non-mandatory parts of the Essential Eight to be "configured appropriately". Australia should name parliament cyber attackers Prime Minister Scott Morrison has said a sophisticated state actor also hit the networks of Australia's political parties when it attacked the parliamentary network.

loader gif