Report shows Government ignored hack attack warnings

A Cabinet report prepared for the Carr Government two years ago warned hacking incidents would occur at Parliament House unless IT security was drastically improved.

The consulting report prepared in 1998 by Admiral Computing warned immediate action had to be taken to secure Parliament House IT systems.

The Government ignored the warning that has resulted in the launch of a Police investigation last week into allegations a NSW Labor MP's computer was used to hack into confidential State Opposition files.

Admiral Computing's initial report into IT security was addressed to former general manager of the Central Corporate Services Unit at the Department of Public Works, Richard Michel.

According to the Department of Public Works June 1997/98 annual report, the Government paid $246,713 for the "information security breach analysis" project.

Michel told Computerworld he received the report in 1998 "which provided the basis for a security framework" for the NSW Government, but would not elaborate on why recommendations were not implemented.

Michel, who is now the IT services director at the Department of Community Services, was also unwilling to comment on a second report by Admiral Computing into IT security at Parliament House handed to Cabinet several months later.

A Freedom of Information (FOI) request has been filed by NSW Opposition Leader Kerry Chikarovski to obtain a copy of the report in a bid to find out why action was not taken when Cabinet was made aware of the problem two years ago.

Chikarovski has advised Liberal MPs not to use the parliamentary computer system for confidential or sensitive matters until the issue is resolved and said Police Commissioner Peter Ryan has given an assurance full police resources will be used to investigate the matter.

"Opposition MPs will not be using the computers for any confidential matters until an audit is undertaken of all machines," she said.

"We are all on the same system here, which is a bit like the Commonwealth Bank and Westpac being on the same system; we are only using the computers for routine matters until the Government provides separate systems for Liberal and Labor or at the very least, a major IT security upgrade."

Computer files in the office of Opposition Cabinet secretary Charlie Lynn had allegedly been hacked, but security sources familiar with the incident said "very little skill and expertise was required to breach the system".

"All you had to do is find the right drive, there is very little access control; user IDs and passwords are stored locally so potentially this person had access to everyone's computer," the source said.

"There is no way of telling if other information was accessed and we will never really know the extent of the breach or the number of times it had happened previously."

A spokesman for NSW Premier Bob Carr said IT security was a matter for the presiding officers and the clerks of Parliament House as they make all IT spending decisions.

He said they were in charge of operation and it was up to them to undertake an upgrade and improve security measures.

"The Premier will not take any action until police investigations are complete, we will not interfere in the process," he said.

Asked if the Government will make the report available and why it was ignored, the spokesman said it was available under FOI.

At a press conference earlier in the week, NSW Premier Bob Carr said the hacking incident or any reference to political espionage is "very, very serious".

The Cabinet Office also refused to comment on the report and Admiral Computing did not return calls.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sandra Van Dijk

Computerworld
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?