NSW Government Agency’s 49-Day Hack Shows Need for Cyber Security Improvement

A recent report on cyber-security in the public service has stated that it took one NSW Government around 49 days to shut down a hack!
This attempted financial fraud that took place in the year 2017 involved the IT systems provider of a government agency and was attempting to spread it around before it was tracked, stopped and finally shut down. This case study is actually a part of a recent report by the state’s auditor, General Margaret Crawford.
She called for quick and immediate improvements in the ability of public sectors to combat problems of this nature. She was of the view that presently, there is a risk that these frauds and cyber-security crimes will go on for a longer period than they actually should. These cyber-security crimes threaten the government and may even cause harm to government service delivery resulting in the hacking of personal information, confidential data, and denial of access to technology.
In this particular incident, the hacked account sent out around 450 bogus emails.
This case study basically started with a compromised email ID and led to a shut-down of this agency’s financial payment system.
Six days later, the hacked account sent bogus emails which were meant to deceive the recipient in a bid to get the credentials of the finance staff.
Two weeks later, the agency’s IT provider found a bogus invoice and raised the particular incident to major status.
All the email account users of the agency were strictly advised to change their passwords but even after this measure, by the 20th day, the hacked account had sent 450 bogus messages and almost 300 staff members had clicked on the link that the email carried.
Cutting the long story short, the agency’s payments gateway was finally re-opened after a lot of effort on the 49th day!
This incident indicated the loopholes that the agency had in its IT security system and highlighted the fact that it needed to be upgraded immediately to avoid any such unpleasant incidents in the future.

Source: http://www.abc.net.au/news/2018-03-02/cyber-security-in-nsw-public-sector-needs-improvement/9503250

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients