Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

- 7923966 3x2 940x627 - NSW Government agency’s 49-day hack shows need for cyber security beef up: report –

Credits: ABC News

It took one NSW agency 49 days to shut down a by fraudsters, a new report on security in the service has revealed.

The attempted financial fraud in 2017 involved a government agency and its IT systems provider, and spread to other agencies before it was reported and stopped.

The case study is part of a new report by the state’s auditor-general Margaret Crawford.

She called for urgent improvements in the public sector’s ability to respond to cyber security incidents.

“There is a that incidents will go undetected longer than they should, and opportunities to contain and restrict the damage may be lost,” the report said.

“Cyber security incidents can harm government service delivery and may include theft of personal information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.”

Hacked account sent out 40 bogus emails

The 2017 case study started with a compromised email account, and led to led to a shut-down of the agency’s financial payment system.

Six days later, the hacked account sent deceptive emails, known as phishing, in a bid to get the credentials of finance staff.

Two weeks after the initial hack, the agency’s IT provider detected a fraudulent invoice and raised the incident to major status.

Email account users were told to change their passwords, but by day-20, the hacked email account had sent out 450 bogus emails, and 300 staff had clicked on the link inside.

At that point the agency had found out that about 200 email accounts were under the control of criminals, yet it failed to temporarily lock the accounts.

It was not until day 36 that the IT provider reported the incident to the Government’s chief information security officer.

Six days later, it was found that the account that had been hacked at the start was still compromised.

The agency’s gateway, which handled business invoices, staff salaries and superannuation, was finally re-opened on the 49th day.

More needs to be done to protect our systems: Government

Ms Crawford said the incident underlined the fact that there was no whole-of-government capability to detect and respond to security incidents.

She made 11 recommendations for urgent consideration by the State Government, including improved training and reporting of incidents.

She also recommended cyber security intelligence sharing between agencies be improved and formalised, including formal links with Federal Government security agencies, other states, and the private sector.

Minister for Finance, Services and Property Victor Dominello said he would endeavour to implement the auditor-general’s recommendations.

“We acknowledge more must be done to protect our systems and ensure they are resilient and fit-for-purpose in the digital age,” he said.

“Cyber security is an evolving threat, which is why we created the position of government chief information security officer.”

- logo16 - NSW Government agency’s 49-day hack shows need for cyber security beef up: report –

www.extremehacking.org

Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv9,CHFI,ECSAv9,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v9 course in Pune-India, ceh certification in pune-India, ceh v9 training in Pune-India, Ethical Hacking Course in Pune-India



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here