❓ WA Parliament Question on Notice reveals frequent cyber attacks on the Department of Education and TAFE colleges, with one successful attack on North Metropolitan TAFE compromising student and staff data. The Department of Training and Workforce Development experiences an average of 76 attacks per day.
AnsweredQoN 3672Legislative Assembly
QuestionView source ↗
For all departments, agencies, government trading enterprises or boards within the Minister’s portfolio responsibilities I ask since 11 March 2017: (a) How many attempted cyber attacks have there been on internal network systems and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet or customer related detail compromised; (b) How many attempted cyber attacks have there been on external network systems or websites and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet or customer related detail compromised; and (c) How many attempted cyber attacks have there been on any internet enabled devices (i.e. iPhones, iPads etc.) and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet related detail compromised?
AnswerView source ↗
Answered
19 September 2018
Responded by
Minister representing the Minister for Education and Training
Response time
10 days
Department of Education
(a)-(c) The Department of Education’s network and online services are under frequent attack from external sources. For example, during July 2018 the Department’s threat protection services detected and blocked the following:
Spoofed emails: 1,539,737
Spam emails: 466,730
Potential malware events: 20,048
Since early 2016, the Department has engaged enhanced threat intelligence and response services from an external commercial service provider. Since March 2018, the Department has experienced an ongoing series of brute force credential attacks targeting email accounts within the Department’s corporate email service. These are being managed by the Department’s various threat intelligence, protection and prevention services. There is no evidence that any attempts have been successful and at this time the origin of the attacks is unknown. The Department continues to work with its internal and external specialist technical security service providers to ensure that the integrity of the Department’s network and online services is maintained and that the Department continues to adopt the best possible security posture.
Department of Training and Workforce Development
The Department of Training and Workforce Development detects and prevents on average 76 attacks per day. It has a number of security services including firewalls, intrusion detection and prevention systems, patch management and denial of service prevention to protect the Department from security threats. The Department’s external ICT security services provide a level of protection to all TAFE colleges.
(a) Nil
(i) – (iii) Not Applicable
(b) Average 76 per day
(i) Blocked unknown
(ii) Blocked unknown
(iii) Nil
(c) Nil
(i) – (iii) Not Applicable
North Metropolitan TAFE
(a) One
(i) Nil
(ii) Nil
(iii) One. Information and data that is known to have been accessed includes staff network account details, encrypted password files, computer names, IP addresses, student network accounts details including first and last name, phone, email address and in some cases addresses.
The accessed student account information did not contain current password and login credentials. There is no evidence that any student financial or banking information was accessed.
An email was sent to all affected students advising them of the possibility that some of their personal information may have been obtained. A hotline was also established to answer any student queries regarding the matter.
System security actions taken following the cyber attack were:
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
South Metropolitan TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) One – On 18 May 2018, South Metropolitan TAFE’s website experienced an attempted cyber-attack. This was swiftly detected, and there were no adverse impacts on the college’s operations.
(i) Nil
(ii) Nil
(c) Nil
(i) – (iii) Not Applicable
North Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
Central Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
South Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
Building Construction Industry Training Fund
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
(a)-(c) The Department of Education’s network and online services are under frequent attack from external sources. For example, during July 2018 the Department’s threat protection services detected and blocked the following:
Spoofed emails: 1,539,737
Spam emails: 466,730
Potential malware events: 20,048
Since early 2016, the Department has engaged enhanced threat intelligence and response services from an external commercial service provider. Since March 2018, the Department has experienced an ongoing series of brute force credential attacks targeting email accounts within the Department’s corporate email service. These are being managed by the Department’s various threat intelligence, protection and prevention services. There is no evidence that any attempts have been successful and at this time the origin of the attacks is unknown. The Department continues to work with its internal and external specialist technical security service providers to ensure that the integrity of the Department’s network and online services is maintained and that the Department continues to adopt the best possible security posture.
Department of Training and Workforce Development
The Department of Training and Workforce Development detects and prevents on average 76 attacks per day. It has a number of security services including firewalls, intrusion detection and prevention systems, patch management and denial of service prevention to protect the Department from security threats. The Department’s external ICT security services provide a level of protection to all TAFE colleges.
(a) Nil
(i) – (iii) Not Applicable
(b) Average 76 per day
(i) Blocked unknown
(ii) Blocked unknown
(iii) Nil
(c) Nil
(i) – (iii) Not Applicable
North Metropolitan TAFE
(a) One
(i) Nil
(ii) Nil
(iii) One. Information and data that is known to have been accessed includes staff network account details, encrypted password files, computer names, IP addresses, student network accounts details including first and last name, phone, email address and in some cases addresses.
The accessed student account information did not contain current password and login credentials. There is no evidence that any student financial or banking information was accessed.
An email was sent to all affected students advising them of the possibility that some of their personal information may have been obtained. A hotline was also established to answer any student queries regarding the matter.
System security actions taken following the cyber attack were:
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
South Metropolitan TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) One – On 18 May 2018, South Metropolitan TAFE’s website experienced an attempted cyber-attack. This was swiftly detected, and there were no adverse impacts on the college’s operations.
(i) Nil
(ii) Nil
(c) Nil
(i) – (iii) Not Applicable
North Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
Central Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
South Regional TAFE
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
Building Construction Industry Training Fund
(a) Nil
(i) – (iii) Not Applicable
(b) Nil
(i) – (iii) Not Applicable
(c) Nil
(i) – (iii) Not Applicable
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.