DTA In Firing Line As ASD Investigates Parlt. Security Breach
IT security arrangements at Parliament House, as well as government contractors, are under scrutiny from the Australian Signals Directorate after a cyber-attack yesterday was blamed on a “state-backed actor”.
The attack came just a day after the Nine Entertainment Group was hit with what it said was a ransomware attack – though no ransom was demanded.
Assistant Minister for Defence Andrew Hastie says the attack on Parliament’s IT and e-mail systems was related to an “external provider”, but didn’t reveal the name of that provider.
The attack stymied parliamentary business, including parts relating to ministerial staff, for at least two days, and possibly longer.
A list of companies providing services to the government reads like a who’s who of the IT world.
Amazon, Microsoft – the latter already having trouble with vulnerabilities in its Exchange Server – IBM, SAP and other companies provide a range of services from data management, cloud storage, software, marketing, telecommunications and more.
Any investigation is certain to focus on the Digital Transformation Agency, which oversees federal government contractors.
The agency’s CEO, Randall Brugeaud, was criticised during Senate estimates by Labor’s Tim Ayres in early March for what he called the agency’s “lighter touch” than was pitched in approaches to several projects.
This attack will place pressure on the DTA to impose stricter controls on contractors and ensure they have up-to-date security measures.