Federal MPs to receive phishing training in wake of parliament hack

DPS to stage simulated phishing of MPs and parliamentary staff

The Department of Parliamentary Services has rolled out a new program that will involve sending simulated phishing emails to MPs and their staff “to test reactions and improve awareness of this type of cyber-attack,” according to a DPS cyber security advisory.

Labor MP Tim Watts, the shadow assistant minister for communications and cyber security, posted a snippet from the advisory on Twitter. Watts tweeted that it was a “welcome initiative from DPS to build the cyber resilience of the Australian Parliamentary IT systems.”

The effort to heighten the security of the parliamentary network follows revelations in early February that the Parliamentary Computing Network had suffered a “security incident” that led to a forced password reset for MPs.

The attack has been attributed to a “state actor” that, according to Prime Minister Scott Morrison, had also targeted the networks of the Labor, Liberal and National parties.

The scant details released by DPS reveal that the department on 31 January became aware of the attack on the parliamentary network, but it took until 8 February to remove the attacker.

“While I do not propose to discuss operational security matters in detail, I can state that a small number of users visited a legitimate external website that had been compromised,” the Senate’s president, Senator Scott Ryan, told an Estimates hearing on 14 November.

“This caused malware to be injected into the Parliamentary Computing Network,” Ryan said.

“I reveal this information as a salient warning to all users of the parliamentary network that they must be cautious and vigilant when clicking on any documents, attachments or links that are outside of our environment. I had been asked if there was any insider involvement or assistance in the compromise, and I can confirm there is no evidence of an insider threat.”

A small amount of “non-sensitive” data was exfiltrated, according to DPS.

“While we cannot precisely guarantee that no other data was removed, extensive investigation has provided no evidence of this,” Ryan said.

“The small amount of non-sensitive data refers to DPS corporate data and data related to a small number of parliamentarians. Discussions either have occurred or will occur with the affected officers. I can advise that two senators were contacted at the time as soon as the breach was identified.”

“Up to 80 per cent of all cyber-attacks begin with a phishing email so it is important that all users of the Parliamentary network are able to identify and avoid these types of malicious emails,” a DPS spokesperson told Computerworld.

“DPS is following best practice in relation to educating network users of existing cyber threats and implementing a phishing simulation and training program for parliamentarians and their staff.”

The Australian Signals Directorate (ASD) categorised the penetration of Parliament’s network as a ‘C1’ incident: a “national cyber crisis” on the Australian Cyber Security Centre (ACSC) Cyber Incident Categorisation Matrix.

In April, DPS established a new cyber security branch to help safeguard parliamentary systems.

Copyright © 2019 IDG Communications, Inc.
