Australian Government orgs failing to manage cyber risk, report finds
Many local government organisations across Australia are not effectively managing cyber risk, leaving them highly vulnerable to ransomware and cyber theft extortion attacks, which have increased exponentially in 2021.
This is according to a new CyberCX Cyber Intelligence Insights report highlighting key cyber threats to local government organisations across Australia, including the threat posed by nation-state actors.
CyberCX director of cyber intelligence and public policy, Katherine Mansted, says she hopes the report's findings would trigger important conversations for local governments, particularly those who rely on operational technology to manage critical infrastructure and essential services.
“There are local governments around the country that own or operate OT-enabled critical infrastructure, such as water and sewerage systems and energy networks,” says Mansted.
If these essential services are shut down by a ransomware attack, the consequences are potentially catastrophic for local residents, she says.
For local governments, which are often battling budget and resource constraints, the effects of even a relatively unsophisticated cyber attack could also be devastating.
CyberCX chief strategy officer Alastair MacGibbon says the report shows the risk profile of local government organisations is unlikely to materially improve in 2022, as the threat environment continues to deteriorate.
MacGibbon says, “Looking forward to 2022, all local government organisations are at increasing risk of being hit by a cyber incident and suffering significant financial loss, business disruption, loss of data or reputational damage as a result."
In an environment where nation-state actors and cybercriminals are constantly looking for ways to get into their networks and wreak havoc, local governments need to prioritise how they are managing risk and building resilience.
The report also finds that foreign governments are actively targeting local government organisations in Australia for intelligence collection and political interference, with some of these adversaries viewing local governments as weak links in Australia's national security.
CyberCX has observed that the government sector is the third most frequently impacted by cyber extortion in Australia, with local governments assessed as far more likely to be targeted than state and federal agencies.
According to the Cyber Intelligence Insights report, other common cyber risks Australian local governments are being exposed to according to the new report include:
- Business Email Compromise (BEC) is the most likely form of cybercriminal attack to be faced by local governments and could cause major financial loss.
- All local government organisations face a high likelihood of suffering a data breach.
- The most common source of data breaches in the government sector is accidental exposure caused by employees or contractors.
- Phishing continues to be the most common method threat actors use to obtain initial network access, underscoring a critical need for local governments to roll out cyber security awareness and training programs for employees.