49-day Hack shows need for cyber security beef up


It took one NSW Government agency 49 days to shut down a hack by fraudsters, a new report on cyber security in the public service has revealed.

The attempted financial fraud in 2017 involved a government agency and its IT systems provider, and spread to other agencies before it was reported and stopped.

The case study is part of a new report by the state’s auditor-general Margaret Crawford.

She called for urgent improvements in the public sector’s ability to respond to cyber security incidents.

“There is a risk that incidents will go undetected longer than they should, and opportunities to contain and restrict the damage may be lost,” the report said.

“Cyber security incidents can harm government service delivery and may include theft of personal information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.”


Hacked account sent out 450 bogus emails

The 2017 case study started with a compromised email account and led to a shut-down of the agency’s financial payment system.

Six days later, the hacked account sent deceptive emails, known as phishing, in a bid to get the credentials of finance staff.

Two weeks after the initial hack, the agency’s IT provider detected a fraudulent invoice and raised the incident to major status.

Email account users were told to change their passwords, but by day 20 the hacked email account had sent out 450 bogus emails, and 300 staff had clicked on the link inside.


At that point the agency had found out that about 200 email accounts were under the control of criminals, yet it failed to temporarily lock the accounts.

It was not until day 36 that the IT provider reported the incident to the Government’s chief information security officer.

Six days later, it was found that the account that had been hacked at the start was still compromised.

The agency’s payments gateway, which handled business invoices, staff salaries and superannuation, was finally re-opened on the 49th day.

Click here for the full story: http://snip.ly/cismk

Author: compliance4all

Compliance4All, the ultimate continuing professional education provider, offers you regulatory and compliance trainings from the industry's leading experts, but with one crucial difference: the cost. Compliance4All's objective is to be a platform that provides regulatory and compliance trainings with all the class and features that come with these trainings, at a lower price. Compliance4All seeks to make regulatory and compliance trainings low-hanging fruits.

Industries We Focus On:
• Trade & Logistics
• Aerospace Defense
• Banking & Insurance
• Food & Beverages
• Auditing/Accounting & Tax
• Energy
• Environment
• Education
• Automotive Transport
• Science and Technology
• Government
• Construction
• Electronics & Semiconductor
• Operation
• Engineering/Science
• Purchasing & Vendor Relation
• General counsel/Accountant
• Geology & Mining
• Documentation/Records
