Australian Signals Directorate (ASD), a government agency responsible among others for information security, and the Australian Cyber Security Centre (ACSC), the Australian government lead agency for cybersecurity discovered who was behind the Australian Parliament House email system attack.

Even if they have this information, the agencies stated it’s not their place to disclose it.

Attribution is a matter for government, and is made only when in the national interest.

Source

This week, the Department of Parliamentary Service (DPS) has disclosed that following the email system attack, its mobile device management (MDM) has been destroyed and changed.

The attack did not cause an outage of the DPS systems. DPS shut down the MDM system. This action was taken to protect system security while investigation and remediation were undertaken.

To restore services, DPS brought forward the rollout of an advanced mobile services solution that replaced the legacy MDM. The new solution provides greater security and functionality for mobile devices. This rollout was a complex activity and extended the outage experienced by users.

Source

ASD concurred the threat actor was rudimentary and the Australian Cyber Security Centre helped to look for any possible insertions in the Australian Parliament House Microsoft Exchange server.

An unsophisticated attack would have had a higher than expected possibility to triumph, thanks to the lack of two-factor authentication (2FA).

Senator Kimberley Kitching said:

Before users came back on line after this incident, they were asked to implement new security controls to access APH emails via mobile handsets — namely multi-factor authentication.

Source

The ASD declared that during the action of providing cybersecurity guidance and support to the Department of Parliamentary Service (DPS) after the attack, the ACSC provided broad guidance in security controls.

According to DPS, there is no proof that any email accounts have been affected following the attack.

ASD also declared no code review has been finalized on the systems of the Australian Electoral Commission, but it has “conducted a vulnerability assessment and partnered with the AEC to conduct multiple uplift activities on the AEC network.”

Heimdal Official Logo
Email communications are the first entry point into an organization’s systems.

Heimdal™ Email Fraud Prevention

Is the next-level mail protection system which secures all your incoming and outgoing comunications.
  • Deep content scanning for attachments and links;
  • Phishing, spear phishing and man-in-the-email attacks;
  • Advanced spam filters to protect against sophisticated attacks;
  • Fraud prevention system against Business Email Compromise;
Try it for FREE today Offer valid only for companies.
featured photo for heimdal news
2021.04.16 QUICK READ

Celsius Email System Suffers Security Breach

2021.03.25 QUICK READ

What Is MDM Software and Why Is It Important?

heimdal security news and updates
2021.03.22 QUICK READ

Australian Government Departments Improperly Self-Reported Cyber Compliance, ANAO Finds

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP