Parliament now blocking 82 percent of email impersonation attempts

Australia’s Parliament House is now automatically blocking more than 80 percent of emails attempting to impersonate parliamentarians and their staff using the aph.gov.au domain.

President of the senate Slade Brockman told estimates on Monday that the reduction followed the deployment of domain-based message authentication, reporting and conformance (DMARC) in December.

The Department of Parliamentary Services has been working to introduce DMARC, as well as a number of other cyber security enhancements, since receiving funding in the 2020-21 financial year.

DMARC is being used to protect the aph.gov,au domain and to prevent email spoofing and phishing attacks on constituents and other clients.

It has required parliamentarians that use third-party distribution services to create a new email domain to continue sending emails.

Brockman said that since implementing DMARC on December 6, there had been an “82 percent reduction in email traffic attempting to impersonate the aph.gov.au domain”.

"Through standard reporting, DPS identified that DMARC blocked 31,255 emails, down from 181,000 in one week alone, between December 7 and the December 14 last year,” he said.

“The subset of impersonation emails classified as threats has reduced from over 240 per day to less than 40 per day”.

The implementation of DMARC comes almost three years after a high-profile attack against the parliamentary computing network.

The incident, which occurred in February 2019, saw a limited amount of non-confidential data stolen by a state-based actor.

Brockman thanked all parliamentarians and their staff for adapting to what he described as an “essential change”.

“[There is an] ongoing need to guard against cyber intrusion to protect the essential work of all parliamentarians,” he said.

“This is a race that will never end, and ongoing enhancements to cyber security arrangements remain a high priority.”