Earlier this year, Australia’s Federal Parliament reported that the Australian Cyber Security Centre had identified a ‘malicious intrusion’ into the Australian Parliament House computer network, as well as the network of certain political parties (Liberal, Labor and National parties).
The intrusion resulted in a small amount of non-sensitive data being taken from two senators and a number of lower house members. The Department of Parliamentary Services (DPS) became aware of the incident on 31 January, and the attacker was removed on 8 February.
More information has recently come to light regarding specific details of the breach. The Hon. Scott Ryan, President of the Senate, has revealed that the data taken was in relation to DPS corporate data, and data related to a small number of parliamentarians. The cause of the breach has attributed to “a small number of users [who] visited a legitimate external website that had been compromised. This caused malware to be injected into the Parliamentary Computing Network”.
This is a reminder that caution should be exercised at all times with respect to cyber security. Even a legitimate site can be compromised, leading to a cyber breach. Lavan recommends that the most effective method to preventing cyber breaches, and then mitigating any damage should a breach occur, is through a holistic approach. Organisations must provide adequate training and education for staff, invest in cyber-security technology, and create and Cyber Emergency Response Plan. Lavan can assist in each of these areas. If you have any questions in relation to this article, please contact Iain Freeman or Lorraine Madden.