WA parliament breached by undetected virus

A cybersecurity breach that led to a shut down of communications in the West Australian parliament on Tuesday night has been blamed on an undiscovered virus. 

According to a report first published by the ABC, the state parliament's website, as well as phone and internet communications, were shut down following a security breach. 

The services were progressively restored on Wednesday, with Legislative Assembly proceedings at Midday proceeding as scheduled. 

WA's deputy executive manager of parliamentary dervices, Rob Hunter, told iTnews the parliament's IT network was disabled after the virus was identified to allow for a proper diagnosis to occur. 

"On Tuesday 16 February 2016 at approximately 9pm our IT system firewall was penetrated by a virus and it affected a small number of PCs that connect to our network," Hunter said. 

"Essentially it was a new virus where the variant had not been identified or resolved. It has now been resolved and reported in the usual fashion for worldwide circulation. 

"The virus was identified very quickly as posing a threat to parliament’s core data store." 

Hunter said diagnosis of the issue continued into the night and again early Wednesday morning, when the parliament's vendors were able to provide specialised technical input. 

"Our interim processes, until the network was returned, ensured that the business of parliament continued and the use of alternative technologies meant scheduled  committee meetings and chambers were able to function," he said. 

"While this caused some inconvenience, the parliamentary [IT] team is accustomed to working through problems and shut down our network immediately until we were sure the system was safe." 

According to Hunter, there was no loss of data and sensitive materials were not compromised as a result of the attack, and the issue has since been resolved. 

While declining to detail the precise security measures used by the parliament, he said it has "sophisticated systems in addition to the standard suite of protections available in the market". 

The speed with which the incident was detected is being interpreted by staff as an indication that preparatory risk management mitigations that were in place were effective. 

"I wish to acknowledge the combined efforts of our staff who worked hard to resolve the matter quickly. The restoration of our systems in such a short period is testimony to the strength of processes we have in place," Hunter said. 

The latest incident follows a series of WA Auditor-General’s reports, which have given the state government's cyber security a fail mark.

Hunter said parliamentary IT staff are cognisant of all of the issues raised in the report, and that appropriate measures in place.  

In a separate report presented in November last year, the Auditor-General's office revealed it was able to break into two sensitive state government networks by successfully guessing the passwords for the admin account were ‘password’. 

Poor password practices were not a factor in the latest incident, according to Hunter, who said "we have very good password management".