Share this article
Concern in the rise of Cyberattacks on Government Agencies
In a recent report tabled in the Victorian state parliament, the Victorian Auditor-General’s Office has highlighted a concerning rise in cyberattacks targeting government agencies. The report reveals that 90% of Victorian government agencies fell victim to cyberattacks last year, putting critical services at risk of disruption. The implications of these attacks extend beyond data breaches, potentially leading to disrupted communication networks, compromised personal information, and the shutdown of vital facilities including water, health, and emergency services.
One incident cited in the report is the cyberattack on Fire Rescue Victoria's dispatch and email systems in December 2022. This attack forced firefighters to rely on traditional communication methods like radios and mobile phones during emergencies, exposing personal staff information in the process. Similarly, in 2019, cyberattacks on Victorian hospitals resulted in delayed surgical procedures due to compromised booking systems.
Critical gaps in the existing cybersecurity measures
Despite the government acknowledging cybersecurity as one of the top 10 risks for the state, the report underscores some critical gaps in the existing cybersecurity measures. Among the concerning findings, 94% of staff at the examined agencies were not using multifactor authentication, a basic yet effective security measure. The report also revealed that none of the audited agencies had fully implemented essential identity and device controls, such as multifactor authentication, to prevent unauthorised access to networks.
In response to the report, the Department of Government Services has accepted its recommendations and emphasised the priority placed on cybersecurity. The establishment of a new cyber defence centre has enhanced the government's ability to detect and block threats in real time. Investments are being made to further enhance capability and performance across government agencies.
As cybersecurity threats continue to evolve and intensify, it is crucial for Victorian government agencies and supporting companies to take proactive steps, implement robust security measures, and work together to safeguard critical services and the personal information of the community.
Cybersecurity Recommendations for Government Agencies
We recommend the following key action points to help move towards a more secure digital landscape:
- Coordinated Efforts: Collaborative efforts among agencies will facilitate a coordinated response to cybersecurity risks, leveraging the public sector's economy of scale.
- Regular Training: Ongoing training and awareness programs should be implemented to educate staff about cybersecurity best practices and emerging threats.
- Incident Response Plans: Agencies must develop and regularly update robust incident response plans to mitigate the impact of potential cyberattacks.
- External Partnerships: Government departments and agencies should collaborate with external partners, including cybersecurity experts and organisations, to review and strengthen cybersecurity controls.
- Continuous Improvement: Regular assessments and audits should be conducted to identify vulnerabilities and areas for improvement in cybersecurity controls.
Speak with a Tesserent
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.