Select Page

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

Posted by | Nov 25, 2021 | , , , , , , , | 0 |

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

West Australia Council Audit Report November 25 2021

WA councils fail to detect simulated cyber attack in audit.

Only three out of 15 entities did so in a “timely manner”.

Western Australian Audit General’s Report: Cyber Security in Local Government
Reported in: WA councils fail to detect simulated cyber attack in audit | iTnews
Read more Audit Reports

WA local government entities have been put on notice to improve their cyber security policies and procedures after nine councils failed to detect a simulated cyber attack.

LG entities need to improve their management of cyber risks and response to cyber threats. Most did not have current and complete cyber security policies and processes to help them manage the risks and effectively respond.

WA LG entity findings for key audit areas

Despite LG entities providing cyber security awareness training for employees, staff at 8 of the 15 audited LG entities accessed links and, in some cases, provided their credentials (username and password) in response to our test phishing emails. Technical controls to prevent phishing emails, coupled with focussed training to remind staff of their obligations and cyber security risks, would help LG entities manage these risks.

LG entities did not have appropriate mechanisms to detect and respond to cyber security incidents and their systems and networks were vulnerable because of out-of-date software. Nine of the 15 audited LG entities did not detect or respond to our simulated cyber-attacks, and those that did still needed to improve their processes.

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: Pauline Hanson’s website redirected to refugee council site | SBS News

Incident: Pauline Hanson’s website redirected to refugee council site | SBS News

January 15, 2021

Incident: Redland City councillor Tracey Huges ‘deeply sorry’ over mistake in attaching spreadsheet to New Year’s Eve invitation | Redland City Bulletin

Incident: Redland City councillor Tracey Huges ‘deeply sorry’ over mistake in attaching spreadsheet to New Year’s Eve invitation | Redland City Bulletin

January 3, 2020

Incident: DFAT Stranded Aussies’ identities exposed again | The Canberra Times

Incident: DFAT Stranded Aussies’ identities exposed again | The Canberra Times

October 28, 2020

Incident: Hackers target West Australia’s major daily newspaper, putting data of subscribers at risk | WAtoday

Incident: Hackers target West Australia’s major daily newspaper, putting data of subscribers at risk | WAtoday

May 13, 2020

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

How Australia's ASIC v FIIG decision supports your cyber investment business case
How Australia's ASIC v FIIG decision supports your cyber investment business case

What you need to know First AFSL cyber penalty: FIIG's $2.5 million penalty is the first cyber security penalty under general financial services … [...]

APRA and ASIC Sound the AI Alarm for Boards and Executives
APRA and ASIC Sound the AI Alarm for Boards and Executives

What you need to know APRA and ASIC have sent powerful messages to regulated entities regarding AI, cyber security and operational resilience in … [...]

Exclusive: INC Ransom claims cyber attack on Australian engineering service company
Exclusive: INC Ransom claims cyber attack on Australian engineering service company

Threat actors have claimed a cyber attack on an Australian engineering solutions company and are threatening to publish data they allegedly … [...]

Exclusive: Major cleaning and facility services firm confirms third-party cyber incident
Exclusive: Major cleaning and facility services firm confirms third-party cyber incident

Major private cleaning and facility services firm Menzies Group has confirmed a cyber incident that occurred after a third-party IT provider was … [...]

Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims
Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims

A Sydney-based vocational college has found no evidence of compromised student data after being listed on the leak site of a prolific hacking group. • … [...]

Victorian bulk porting scammer gets over two years in prison
Victorian bulk porting scammer gets over two years in prison

A 35-year-old man from Lynbrook, south-east Melbourne, has received a prison sentence of two years and two months, with a 12-month non-parole period, … [...]

NSW cyber cops bust alleged bullion-buying BEC bandits
NSW cyber cops bust alleged bullion-buying BEC bandits

NSW Police have charged three people over an alleged $600,000 business email compromise (BEC) scam operation, after detectives caught a young woman … [...]

Miners’ data targeted as hackers hold software provider to ransom
Miners’ data targeted as hackers hold software provider to ransom

Dozens of Australian mining companies are scrambling to access their key technology systems after a major software supplier to the sector was … [...]

Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts
Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts

The company that runs Canvas has painted a target on its back for future extortion attempts by making a deal with hackers, according to cybersecurity … [...]

Exclusive: Hospitality IT provider allegedly breached by Qilin
Exclusive: Hospitality IT provider allegedly breached by Qilin

Threat actors have claimed a cyber attack on an Australian hospitality and gaming industry supplier, having listed the firm on the dark web. • Fri, 15 … [...]

ACCC welcomes another year of funding for the National Anti-Scam Centre
ACCC welcomes another year of funding for the National Anti-Scam Centre

The Australian consumer watchdog is pleased with the overall funding boost of $67.7 million over four years in the 2026–27 budget. • Thu, 14 May 2026 … [...]

Report: Business email compromise attacks surged dangerously in April
Report: Business email compromise attacks surged dangerously in April

BEC attacks rose 151 per cent month on month in April, with advanced fee and gift card fraud key drivers. • Thu, 14 May 2026 • Security *]:clear-none … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading