NSW agencies found wanting in privileged access review


Undocumented privileged account creation; repeated login attempts against privileged accounts not investigated.

A single NSW government agency created three undocumented privileged accounts for two IT projects it ran, one of several dubious practices uncovered in a yearly cross-agency examination.


The analysis also found privileged accounts at a second agency were peppered with login attempts until they locked, but that no internal investigation took place.

The two case studies come from an annual audit [pdf] of IT and other controls in place at dozens of NSW government agencies, which regularly picks up control deficiencies.

In the first instance, a staff member working on a system upgrade created an unsanctioned account giving them full access to the agency’s main finance system.

It was only disabled several months later after being flagged by management.

Within another business unit of the same agency, a further two privileged accounts were created, again without documentation, during an IT system change.

“We recommend the agency promptly remove the privileged access for former project staff and vendor staff who no longer require it,” the NSW auditor said.

In the second case study, an unknown party or bot repeatedly tried to log in to privileged accounts, which were locked after the repeated unsuccessful attempts.

While that stopped the unknown party, the agency was found not to have further investigated the incident.

However, the auditor did note that its own investigation found "the attack was not sophisticated, and did not appear to use any information specific to the agency."
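The second case study is the one a security operations team should be able to catch without an auditor's help: the lockouts were visible, nobody looked. What follows is an added example, not the auditor's or any agency's tooling, of the two checks that would have surfaced it. It runs over a constructed, normalised event list (the tuple layout, account names and addresses are assumptions for the demonstration; a real feed would be mapped from Windows events 4625/4740 or Linux PAM failures). The first function flags privileged accounts with a burst of failures or a lockout; the second asks whether the same source sprayed a few guesses across many accounts, which is the signature of an untargeted attack of the kind the auditor describes.

```python
"""Flag privileged accounts hit by bursts of failed logons or lockouts.

Added example with constructed data. The (timestamp, account, event, source)
tuple is an assumed normalised format: map your own auth log onto it
(Windows event 4625 = failed logon, 4740 = account locked out; Linux
pam_unix authentication failures).
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed privileged-account list; not from any agency.
PRIVILEGED = {"svc_finance_admin", "erp_dba", "domain_admin_jsmith"}

# Constructed sample events: a short burst against one privileged account
# ending in a lockout, a couple of tries at others, plus unrelated noise.
SAMPLE_EVENTS = [
    ("2023-06-01T02:10:00", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:10:30", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:11:00", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:11:30", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:12:00", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:12:30", "svc_finance_admin", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:12:31", "svc_finance_admin", "lockout", "203.0.113.7"),
    ("2023-06-01T02:13:00", "erp_dba", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:13:20", "erp_dba", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:13:40", "domain_admin_jsmith", "failed_logon", "203.0.113.7"),
    ("2023-06-01T02:14:00", "mlee", "failed_logon", "203.0.113.7"),
    ("2023-06-01T09:02:11", "jdoe", "failed_logon", "198.51.100.4"),
    ("2023-06-01T09:02:40", "jdoe", "success", "198.51.100.4"),
]


def parse(events):
    """Turn ISO timestamps into datetimes and sort chronologically."""
    return sorted((datetime.fromisoformat(ts), acct, ev, src) for ts, acct, ev, src in events)


def lockout_alerts(events, privileged, window=timedelta(minutes=10), threshold=5):
    """Privileged accounts with >= threshold failures inside `window`, or any lockout.

    Each alert carries the peak failure count, lockout count and the sources
    involved, which is what an analyst needs to decide whether to investigate.
    """
    by_acct = defaultdict(list)
    for ts, acct, ev, src in parse(events):
        if acct in privileged:
            by_acct[acct].append((ts, ev, src))

    alerts = []
    for acct, evs in by_acct.items():
        failures = [(ts, src) for ts, ev, src in evs if ev == "failed_logon"]
        lockouts = [ts for ts, ev, _ in evs if ev == "lockout"]
        # Sliding window: largest number of failures within any `window` span.
        burst, start = 0, 0
        for i, (ts, _) in enumerate(failures):
            while ts - failures[start][0] > window:
                start += 1
            burst = max(burst, i - start + 1)
        if burst >= threshold or lockouts:
            alerts.append({
                "account": acct,
                "max_failures_in_window": burst,
                "lockouts": len(lockouts),
                "sources": sorted({src for _, src in failures}),
            })
    return alerts


def looks_like_spray(events, privileged, min_accounts=3):
    """Sources that tried many distinct accounts: a generic, untargeted attack.

    Returns source -> sorted list of accounts it failed against, for sources
    that touched at least `min_accounts` accounts (privileged or not).
    """
    per_src = defaultdict(set)
    for _, acct, ev, src in parse(events):
        if ev == "failed_logon":
            per_src[src].add(acct)
    return {src: sorted(accts) for src, accts in per_src.items() if len(accts) >= min_accounts}


if __name__ == "__main__":
    for alert in lockout_alerts(SAMPLE_EVENTS, PRIVILEGED):
        print("ALERT", alert)
    for src, accts in looks_like_spray(SAMPLE_EVENTS, PRIVILEGED).items():
        print("SPRAY", src, "->", accts)
```

On the constructed data the first check raises one alert (the finance admin account, six failures and a lockout from a single source) and the second shows that same source touching four different accounts with one or two guesses each. That second result is what lets an investigation conclude, as the auditor did here, that the attempt was unsophisticated and not built on agency-specific knowledge; the point of the audit finding is that the agency never got as far as asking the question.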

Of the 26 agencies examined, nine were found to neither restrict nor monitor privileged user accounts.

One of these agencies failed to remove a former user’s access after two years despite repeated requests.

Two other agencies also failed to disable all access once users had left the organisation.
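Both findings above, and the undocumented accounts in the first case study, are the kind of thing a periodic reconciliation catches mechanically: every privileged account should trace back to a change record, and none should remain enabled once its owner's last day has passed. The script below is an added example, not the auditor's method or any agency's process, run over constructed inventory, change-register and leaver data (the account names, ticket numbers and dates are assumptions). It reports accounts with no change record and enabled accounts whose owner has left, with the number of days overdue, so that a finding like "access still present two years after departure" is produced by the review rather than by the auditor.

```python
"""Reconcile privileged accounts against the change register and leaver list.

Added example with constructed data. The three inputs and their field names
are assumptions standing in for an agency's privileged-account inventory,
its change-management records and its HR/vendor offboarding feed.
"""
from datetime import date

# Constructed privileged-account inventory: account -> owner, creation, state.
INVENTORY = {
    "fin_upgrade_admin": {"owner": "a.nguyen", "created": date(2022, 11, 3), "enabled": True},
    "erp_change_svc1": {"owner": "vendor.contractor1", "created": date(2023, 2, 14), "enabled": True},
    "erp_change_svc2": {"owner": "vendor.contractor1", "created": date(2023, 2, 14), "enabled": True},
    "erp_dba": {"owner": "k.patel", "created": date(2019, 5, 20), "enabled": True},
    "backup_admin": {"owner": "r.moore", "created": date(2018, 1, 9), "enabled": True},
}

# Constructed change register: accounts whose creation was approved, with the ticket.
CHANGE_REGISTER = {
    "erp_dba": "CHG-0417",
    "backup_admin": "CHG-0102",
    "erp_change_svc1": "CHG-2210",
}

# Constructed leaver list (staff and vendor offboarding): person -> last working day.
LEAVERS = {
    "r.moore": date(2021, 6, 30),
    "vendor.contractor1": date(2023, 5, 31),
}


def undocumented_accounts(inventory, register):
    """Privileged accounts with no change record behind their creation."""
    return sorted(acct for acct in inventory if acct not in register)


def stale_access(inventory, leavers, as_of):
    """Enabled privileged accounts whose owner has already left.

    Returns account -> days elapsed since the owner's last day, so the
    review can prioritise the two-year-old case over last week's.
    """
    findings = {}
    for acct, rec in inventory.items():
        last_day = leavers.get(rec["owner"])
        if rec["enabled"] and last_day is not None and as_of > last_day:
            findings[acct] = (as_of - last_day).days
    return findings


def review(inventory, register, leavers, as_of):
    """Single review run producing both finding types."""
    return {
        "undocumented": undocumented_accounts(inventory, register),
        "stale": stale_access(inventory, leavers, as_of),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(review(INVENTORY, CHANGE_REGISTER, LEAVERS, date(2023, 9, 1)), indent=2))
```

Run as of 1 September 2023 on the constructed data, the review lists two accounts with no change record (the finance upgrade account and one of the two vendor change accounts) and three enabled accounts whose owners have left: the backup administrator's account, 793 days after the owner's last day, and both vendor accounts, 93 days after the contractor's. The leaver feed is the input that most often goes missing in practice; vendor and project staff are frequently offboarded outside HR, which is why the auditor's recommendation singles them out.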

In the auditor's words, the gaps risk “inappropriate and unauthorised access to business systems” and could expose “agencies to the risk of fraud or cyber attacks”.

Copyright © iTnews.com.au. All rights reserved.