• Enjoy the freedom to innovate and grow your business


    [ad] With Microsoft Azure you have hybrid cloud flexibility, allowing your platform to span your cloud and on premise data centre. Learn more at microsoftcloud.com.

  • IT Admin: No Time to Save Time?


    [ad] Do you spend too much time patching machines or cleaning up after virus attacks? With automation controlled from a central IT management console accessible anytime, anywhere – you can save time for bigger tasks. Try simple IT management from GFI Cloud and start saving time today!

  • Free Forrester analysis of CRM solutions


    [ad] In this 25 page report, independent analyst house Forrester evaluates 18 significant products in the customer relationship management space from a broad range of vendors, detailing its findings on how CRM suites measure up and plotting where they stand in relation to each other. Download it for free now.

  • Great articles on other sites
  • RSS Great articles on other sites


  • Reader giveaway: Google Nexus 5


    We’re big fans of Google’s Nexus line-up in general at Delimiter towers. Nexus 4, Nexus 7, Nexus 10 … we love pretty much anything Nexus. Because of this we've kicked off a new competition to give away one of Google’s new Nexus 5 smartphones to a lucky reader. Click here to enter.

  • Blog, Enterprise IT, Security - Written by on Monday, February 11, 2013 16:03 - 3 Comments

    ATO suffers minor IT security breach

    tax1

    blog We’re constantly hearing more and more about how “cyber” security is the next big bad, but concrete examples of how Australian Government infrastructure has been broken into are still thin on the ground. One incident to pop up last week has been what appears to be a relatively minor breach of an Australian Taxation Office portal through the logins of a number of tax agents. The Sydney Morning Herald reports (we recommend you click here for the full article):

    “Fears have been raised about the security of Australian taxpayers’ information after four tax agents’ account details were illegally used by third parties.”

    The SMH report was quite sensationalist in nature (we know, not surprisingly for the newspaper), but it does look like quite a substantial amount of investigation has been carried out into what took place here. Also, note that we may see more on this in future, as the SMH reporter who wrote the story has filed a Freedom of Information request for further information from the ATO. However, the ATO doesn’t feel as though the SMH got everything right, and has issued its own statement on the situation:

    “It has been reported today that taxpayer information is at risk after criminals stole the identity of four tax agents. The report suggested that all Australian taxpayers’ information was under threat. This is incorrect. The identities of four tax agents were stolen and used to fraudulently obtain AUSkeys giving access to specialist tax agent online services (tax agent portal).

    The ATO has contained the threat and cancelled the AUSkeys. We are working with the affected tax agents to ensure their practices and information is secure. Doing business online has benefits, but it also comes with risks. People looking to commit identity fraud constantly look for ways to profit so it is critical to remain vigilant regarding your personal information and online security. Online fraud can be complex and multilayered. We are investigating the incident and working with relevant law enforcement agencies.”

    So where’s the truth here? We suspect it’s somewhere in the middle between these two views. Was this a serious breach, with the taxation files of millions of Australians at risk? Not really. The ATO’s systems look to be a little bet better protected than that. But equally, was this just an incident of no consequence? Again, not really. The intrusion did have the potential to see some sensitive tax information stolen.

    In our experience, this kind of outcome is pretty much the norm in the IT security industry. When a break-in initially occurs, it’s panic stations, followed by a gradually calm-down as the realisation hits that nothing that sensitive was accessed. It will be interesting to see if more such security breaches occur over the next few years in the Federal Government.

    Image credit: Matt Aiello, royalty free

    submit to reddit

    3 Comments

    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. GongGav
      Posted 11/02/2013 at 7:19 pm | Permalink |

      Not sure how much I can say, but the blunt reality is that the risk to taxpayers was very very small. You’ve pretty much nailed it Renai, it wasnt an overly serious issue, but equally there will naturally be consequences.

      Look at it a different way. The ATO discovered the issue very early on, and acted on it accordingly. So as something that (sadly) is relatively common in IT security, at least they were able to head it off before it escalated to Sony-esque proportions.

    2. Stephen H
      Posted 12/02/2013 at 10:30 am | Permalink |

      Given reports from the US of how hackers have managed to penetrate government agencies, it seems the only real protection is to avoid attracting hackers’ attention. If they want to break in, they will.

    3. Posted 12/02/2013 at 10:49 am | Permalink |

      It would be interesting to know whether this is a social breach (ie a laptop was stolen that contained the Auskeys), Third party software was hacked (and they obtained the Auskeys that way), or if it is a breach of Auskey itself?




    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:


  • Most Popular Content


  • Six smart secrets for nurturing customer relationships
    [ad] Today, we are experiencing a world where behind every app, every device, and every connection, is a customer. Your customers will demand you to be where they and managing customer relationship is the key to your business’s growth. The question is where do you start? Click here to download six free whitepapers to help you connect with your customers in a whole new way.
  • Enterprise IT stories

    • Greens claim NSW LMBR project turning into a disaster sydney

      The NSW Greens late last week claimed to have obtained documents showing that the NSW Department of Education and Communities’ wide-ranging Learning Management and Business Reform program, which involves a number of rolling upgrades of business administration software, was deployed before it was ready, with “appalling consequences for administrative staff, principals, teachers and students”.

    • NSW Govt trials inter-truck safety devices trucks-cohda

      The New South Wales Government has inked a contract with connected vehicle technology supplier Cohda Wireless, as part of a trial of so-called Cooperative Intelligent Transport Systems (C-ITS) which allow heavy vehicles to communicate directly with each other about their position on the road to help reduce road accidents.

    • Victoria finally kills $180m Ultranet disaster thumbsdown1

      The Victorian Government has reportedly terminated its disastrous Ultranet schools portal, which ballooned in cost to $180 million over the past seven years but ended up being barely used by the education stakeholders it was supposed to serve.

    • NetSuite in whole of business TurboSmart deal turbosmart

      Business-focused software as a service giant NetSuite has unveiled yet another win with a mid-sized Australian company, revealing a deal with automotive performance products manufacturer Turbosmart that has seen the company deploy a comprehensive suite of NetSuite products across its business.

    • WA Health told: Hire a goddamn CIO already doctor

      A state parliamentary committee has told Western Australia’s Department of Health to end four years of acting appointments and hire a permanent CIO, in the wake of news that the lack of such an executive role in the department contributed directly to the fiasco at the state’s new Fiona Stanley Hospital, much of which has revolved around poorly delivered IT systems.

    • Former whole of Qld Govt CIO Grant resigns petergrant

      High-flying IT executive Peter Grant has left his senior position in the Queensland State Government, a year after the state demoted him from the whole of government chief information officer role he had held for the second time.

    • Hills dumped $18m ERP/CRM rollout for Salesforce.com hills

      According to a blog post published by Salesforce.com today, one of Ted Pretty’s first moves upon taking up managing director role at iconic Australian brand Hills in 2012 was to halt an expensive traditional business software project and call Salesforce.com instead.

    • Dropbox opens Sydney office koalabox

      Cloud computing storage player Dropbox has announced it is opening an office in Sydney, as competition in the local enterprise cloud storage market accelerates.

    • Heartbleed, internal outages: CBA’s horror 24 hours commbankatm

      The Commonwealth Bank’s IT division has suffered something of a nightmare 24 hours, with a catastrophic internal IT outage taking down multiple systems and resulting in physical branches being offline, and the bank separately suffering public opprobrium stemming from contradictory statements it made with respect to potential vulnerabilities stemming from the Heartbleed OpenSSL bug.

    • Android in the enterprise: Three Aussie examples from Samsung androidapple

      Forget iOS and Windows. Today we present three decently sized deployments of Android in the Australian market on Samsung’s hardware, which the Korean vendor has dug up from its archives over the past several years for us after a little prompting :)

  • Enterprise IT, News - Apr 23, 2014 15:58 - 3 Comments

    Greens claim NSW LMBR project turning into a disaster

    More In Enterprise IT


    Blog, Telecommunications - Apr 24, 2014 14:00 - 7 Comments

    iiNet to splurge $350m on content, media

    More In Telecommunications


    Analysis, Industry - Apr 24, 2014 16:05 - 0 Comments

    Free to fail: Why corporates are learning to love venture capital

    More In Industry


    Blog, Digital Rights - Apr 23, 2014 12:57 - 32 Comments

    Cinema execs blame piracy for $20 ticket prices

    More In Digital Rights