Pollies to face phishing tests after Parliament breach

By on
Pollies to face phishing tests after Parliament breach

DPS introduce cyber attack simulations.

Parliamentarians and their staff will be subject to phishing email simulations in the wake of the state-sponsored cyber attack against Parliament House earlier this year.

The Department of Parliamentary Services will conduct the simulations as part of a new program to test the cyber security awareness of its more than 4000 parliamentary computing network users.

In a cyber security advisory sent to users today, the department said the initiative was part of a wider drive to “improve cyber security awareness” among its users.

“DPS has implemented a new program that will see simulated cyber-attack emails, known as ‘phising’ emails, sent to parliamentarians and their staff to test reactions and improve awareness of the dangers of this type of cyber attack,” the advisory states.

While the federal government is unlikely to release even a redacted version of the final report, formation of the program suggests the compromise may have occurred after users were directed there by a rogue email.

Senate President Scott Ryan revealed earlier this month that the malware infection was unknowingly caused by a small number of users after they vised an unnamed website that had been compromised.

He said cyber attack, which since been labelled “Australia’s first national cyber crisis” by the Australian Signals Directorate (ASD), caused a limited amount of non-sensitive data to be stolen from DPS and a small number of parliamentarians.

Ryan also revealed that the attack, which was later found to have extended to the networks of the Liberal, Labor and National Parties, took cyber security experts a full nine days to eject that attacker form the network after it was identified.

A state-sponsored actor is still widely believed to have been responsible for the attack, though the federal government is yet to make any attribution claims.

Shadow Assistant Minister for Cyber Security Tim Watts tweeted that the program was a welcome move by DPS to “build the cyber resilience of the Australian Parliament IT systems”.

“Programs like this are common in other jurisdictions and will hopefully help drive behaviour change amongst users of the system,” he said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
cybercyber securitydpsgovernmentitparliamentsecuritystrategy

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform
Telstra to open its 5G network to wholesale customers

Telstra to open its 5G network to wholesale customers
Macquarie Bank creates a broker portal on Salesforce

Macquarie Bank creates a broker portal on Salesforce
Active Directory defaults lead to no-fix PrivEsc vulnerability

Active Directory defaults lead to no-fix PrivEsc vulnerability

Digital Nation

COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner

Log In

  |  Forgot your password?