SA Govt under constant cyberattack, claims CIO

3

security

in brief South Australia’s outgoing whole of government chief information officer Andrew Mills, who this month took up the same role in Queensland, has dramatically revealed the extent to which the state’s IT infrastructure is being targeted by online attacks against. AdelaideNow conducted an interview with the CIO shortly before his departure. The site reports (we recommend you click here for the full article):

“There were almost 119.5 million unauthorised attempts to access the data network in just one year. Mr Mills … said authorities blocked the majority of “penetrations” on government infrastructure, although specific details were unavailable on how many avoided detection.”

A series of reports by State Government auditors around Australia have over the past several years highlighted the fact that most have severe problems keeping their IT infrastructure secure.

For example, in June 2011, Western Australia’s auditor-general handed down a landmark report which detailed the fact that none of a wide range of government departments and agencies in the state were currently able to prevent basic cyber-attacks against their IT infrastructure — or even detect that they had taken place. The situation had not improved much by mid-2013.

In October 2010, NSW’s auditor-general Peter Achterstraat rubbished the State Government’s IT security procedures in a new report, saying the state could not guarantee to its residents that it was keeping their information secure and away from prying eyes. And in December 2013, an audit of the Victorian Government’s IT security defences and ability to respond to major cyber-attacks found it woefully unprepared, with its IT systems suffering over 100 “serious breaches” and the state unprepared for any serious online attack.

In another example, in June 2013, an audit of the Queensland Government’s IT infrastructure found that some of the state’s departments were home to botnets and contained woefully out of date and un-patched public-facing software. At the time there were concerns that some of the state’s IT systems were actually attacking others.

3 COMMENTS

  1. probably 90%+ of them attacks were no doubt ports scans and the usual type of things like that, Welcome to the internet.

    How about details of what were real attacks, as opposed to script kiddies.

    • Precisely. Categorising and recognising this kind of thing is beyond the capability of the regular media. I don’t see how it can ever change unfortunately.

  2. Also keep in mind that the Office of the CIO reports attacks to agencies within the SA Govt. Network, and those “attacks” are actually approved and permitted SSH sessions to external hosts, or web request and other completely normal, permitted things.

    The Office of the CIO also only sees external attacks (eg Internet), it has no visibility into the more sensitive agencies with their own monitoring/protection such as Justice/Health/Police etc.

    The statistics are incorrect, and incomplete.

    On a good note, it raises awareness.

Comments are closed.