Former Department of Defence chief information security officer Lynwen Connick has called on the government to “get the basics right” around digital security in the wake of a cyber attack on the parliamentary computer network.
The Department of Parliamentary Services earlier this month reset the passwords of MPs and staff after the Australian Cyber Security Centre (ACSC) identified what the Prime Minister Scott Morrison described as a “malicious intrusion” into the Australian Parliament House network.
An investigation into the attack has led the ACSC to believe it was conducted by a “sophisticated state actor” that also penetrated the networks of the Liberal, Labor and National parties.
Connick, who joined ANZ bank in 2017 as CISO from a role advising then prime minister Malcolm Turnbull on cyber security issues, told CIO Australia today that government should better communicate threats and improve it’s basic cyber hygiene.
“For me one of the big issues is about communication and explaining to everyone in organisations that this is something everyone needs to understand. And explaining it in real language that not just the cyber people or technology people understand but the business people understand as well,” Connick said in Sydney this morning, at the launch of a Big Four bank-backed initiative to teach school children cyber security skills.
“It is about the basics, so much of security is not about the cool, sophisticated cyber security tools but it’s about making sure you get the basics right around who can access what, how healthy your infrastructure is, how quickly you can respond to an incident as well as having those sophisticated cyber security capabilities,” Connick, who oversaw the development of the government’s national cyber security strategy within the Department of the Prime Minister and Cabinet, added.
Connick’s comments were backed by CBA acting CISO Pete Steel, also appearing on the launch event panel, who advised government CISOs to focus on “the fundamentals”.
“I think every CISO of a government entity or financial institution or large institution in Australia’s probably woken up this morning, saw that news mdash; which is not the first time in the world, but it’s very sobering mdash; and thought oh my goodness, how are we set up? How safe are we?” Steel said.
Steel added that without the basics such as patching, firewalls and encouraging people not to click on any link they’re sent, “all the advanced techniques in the world don’t amount to much”.
“We don’t know how the government was compromised but it’s probably one of the traditional ways even though it’s an advanced threat,” he said.
NAB chief enterprise security officer David Fairman said the government should better collaborate with fellow governments on cyber security, in a similar way the major banks do.
“Leveraging [Five Eyes partners’] intelligence and their capability to help us defend and thwart those type of attacks is extremely important…because this is a global issue it is not an issue that is only contained to Australia,” he said.
“Making sure we strengthen that and ensuring you have real time intelligence that you can act on in a timely manner is critical,” Fairman added.
The federal government in January 2017 said that the Australian Signals Directorate (ASD) would conduct security briefings for major political parties following allegations Russia sponsored the hacking of the Democratic National Committee in the US.
Morrison yesterday said he instructed the ACSC to ready itself to provide support political parties and electoral bodies with “immediate support, including making their technical experts available”.
He added that the ACSC had also been working with “global antivirus companies to ensure Australia’s friends and allies have the capacity to detect this malicious activity.”