Select Page

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

Posted by | Nov 25, 2021 | , , , , , , , | 0 |

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

West Australia Council Audit Report November 25 2021

WA councils fail to detect simulated cyber attack in audit.

Only three out of 15 entities did so in a “timely manner”.

Western Australian Audit General’s Report: Cyber Security in Local Government
Reported in: WA councils fail to detect simulated cyber attack in audit | iTnews
Read more Audit Reports

WA local government entities have been put on notice to improve their cyber security policies and procedures after nine councils failed to detect a simulated cyber attack.

LG entities need to improve their management of cyber risks and response to cyber threats. Most did not have current and complete cyber security policies and processes to help them manage the risks and effectively respond.

WA LG entity findings for key audit areas

Despite LG entities providing cyber security awareness training for employees, staff at 8 of the 15 audited LG entities accessed links and, in some cases, provided their credentials (username and password) in response to our test phishing emails. Technical controls to prevent phishing emails, coupled with focussed training to remind staff of their obligations and cyber security risks, would help LG entities manage these risks.

LG entities did not have appropriate mechanisms to detect and respond to cyber security incidents and their systems and networks were vulnerable because of out-of-date software. Nine of the 15 audited LG entities did not detect or respond to our simulated cyber-attacks, and those that did still needed to improve their processes.

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: DFAT Stranded Aussies’ identities exposed again | The Canberra Times

Incident: DFAT Stranded Aussies’ identities exposed again | The Canberra Times

October 28, 2020

Incident: Amnesty International Australia slow with disclosure after December hack | SMH

Incident: Amnesty International Australia slow with disclosure after December hack | SMH

April 28, 2023

Incident: More than 90,000 South Australian public servants now involved in payroll data breach | ANC News (Australia)

Incident: More than 90,000 South Australian public servants now involved in payroll data breach | ANC News (Australia)

May 18, 2022

Incident: Uniting Communities investigating possible data breach amid ‘cyber incident’ | ABC News (Australia)

Incident: Uniting Communities investigating possible data breach amid ‘cyber incident’ | ABC News (Australia)

June 16, 2021

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Australians lose access to 'dangerous' Anthropic AI models after Trump order
Australians lose access to 'dangerous' Anthropic AI models after Trump order

Artificial intelligence company Anthropic has taken its most advanced AI models offline after it was ordered by the US government to suspend access … [...]

How to beat cyber criminals and protect your passwords | 7NEWS
How to beat cyber criminals and protect your passwords | 7NEWS

Australians are being warned to rethink what they share online, with scammers now using AI to crack passwords and steal personal information faster than ever before. Subscribe and set 🔔 [...]

Gov looks for upstream threat blocking by telcos, cloud operators
Gov looks for upstream threat blocking by telcos, cloud operators

The government wants to give telcos and cloud providers the power “to enable upstream blocking of cyber threats” as a key action under the second … [...]

Exclusive: Napoleon Perdis allegedly breached following threat actor claims
Exclusive: Napoleon Perdis allegedly breached following threat actor claims

Australian luxury make-up and cosmetics brand Napoleon Perdis has allegedly suffered a cyber incident after a threat actor claimed responsibility for … [...]

Exclusive: 2019 claims breach of Australian lingerie retailer
Exclusive: 2019 claims breach of Australian lingerie retailer

An Australian online and in-store women’s lingerie, swimwear and underwear retailer has allegedly been breached following claims made by a threat … [...]

Parents warned after ‘cyber security breach’ at South Australia’s Reynella East College
Parents warned after ‘cyber security breach’ at South Australia’s Reynella East College

Investigations into the incident are ongoing, but the school warns that IT systems are expected to be offline for some time. • Thu, 11 Jun 2026 • … [...]

Services Australia privacy incident saw pensioner concession cards sent to the wrong recipients
Services Australia privacy incident saw pensioner concession cards sent to the wrong recipients

Services Australia has disclosed a privacy incident it detected last month, which led to the halting of the printing of pensioner concession cards. • … [...]

Student data compromised in second University of Western Australia data breach in 6 months
Student data compromised in second University of Western Australia data breach in 6 months

The university’s Student Information Management System was exposed after access credentials were “unintentionally exposed online”. • Thu, 11 Jun 2026 … [...]

Exclusive: Ochre Health confirms patient data from its Tuggeranong clinic potentially compromised
Exclusive: Ochre Health confirms patient data from its Tuggeranong clinic potentially compromised

Threat actor 2019 claimed to have breached the data of more than 25,000 patients via a third-party platform – and it’s already been sold on a hacking … [...]

Exclusive: One Nation blames “fearful Labor goons” for DDoS site crash
Exclusive: One Nation blames “fearful Labor goons” for DDoS site crash

Pauline Hanson’s popularity is surging, and so was the malicious traffic targeting One Nation’s donation page today. • Fri, 12 Jun 2026 • … [...]

Takedown! AFP helps dismantle alleged $542m cyber crime money laundering network
Takedown! AFP helps dismantle alleged $542m cyber crime money laundering network

Australian investigators have helped disrupt an alleged international money laundering operation accused of processing criminal proceeds, including … [...]

Government agencies fail to disclose AI use | ABC NEWS
Government agencies fail to disclose AI use | ABC NEWS

Australia rejected an EU-style approach to regulating AI and tasked each government agency with managing its own use of the technology. The ABC can now reveal dozens of federal agencies [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading