❓ A WA parliamentary question reveals millions of attempted cyber attacks on government departments and agencies since March 2017, with the Department of Finance experiencing the highest volume. While many attacks were blocked, attribution remains a challenge.
AnsweredQoN 3680Legislative Assembly
Asked
14 August 2018
Member
Portfolio
Treasurer; Minister for Finance; Energy; Aboriginal Affairs
QuestionView source ↗
For all departments, agencies, government trading enterprises or boards within the Minister’s portfolio responsibilities I ask since 11 March 2017: (a) How many attempted cyber attacks have there been on internal network systems and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet or customer related detail compromised; (b) How many attempted cyber attacks have there been on external network systems or websites and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet or customer related detail compromised; and (c) How many attempted cyber attacks have there been on any internet enabled devices (i.e. iPhones, iPads etc.) and if any: (i) How many of these were conducted by a non-state foreign actor; (ii) How many of these were conducted by a nation-state foreign actor; and (iii) How many were successful and was any material containing Cabinet related detail compromised?
AnswerView source ↗
Answered
18 September 2018
Response time
9 days
Department of Treasury (a-c) The Department of Finance provide Treasury’s enterprise security service under a service level agreement. Treasury’s information will be contained within the Department of Finance response.
Department of Finance (a) 10,127,978 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) 11 – there has been no indication that any Cabinet or customer-related material was compromised. (b) 5,337,960 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) No successful external attacks have been detected. (c) 4283 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) No successful external attacks have been detected.
Western Australia Treasury Corporation (a) Nil (i-iii) Not applicable (b) One (i) One (ii-iii) Nil (c) Nil (i-iii) Not applicable
Economic Regulation Authority (a-c) Nil
Department of Planning, Lands and Heritage Former Department of Aboriginal Affairs (11 March – 30 June 2017) (a-c) Nil
Department of Planning, Lands and Heritage (1 July 2017 – 14 August 2018) Please refer to Legislative Assembly question on notice 3683.
Aboriginal Policy and Coordination Unit Please refer to Legislative Assembly question on notice 3670.
Western Power (a) None (i-iii) Not applicable (b) Tens of thousands attempts occur monthly, as is the case for many organisations; in July 2018 there were 268,000 identified attempts, all rejected by protective measures. (i) It is not known who conducts the attempted attacks or where they are initiated. (ii) It is not known who conducts the attempted attacks or where they are initiated. (iii) None were successful. (c) Nil (i-iii) Not applicable
Synergy (a-c) Nil
Horizon Power (a) Nil (i-iii) Not Applicable (b) 404 (i) 402 (ii) 2 (iii) Nil (c) Nil (i-iii) Not Applicable
Government Employees Superannuation Board (a-c) Please refer to the Department of Finance’s response to this question relating to attempted cyber attacks on internal network systems as GESB’s internal network systems are controlled and managed by the Department of Finance.
Fire and Emergency Services Superannuation Fund (a-c) Nil
Insurance Commission of Western Australia (a) Nil (i-iii) Not Applicable (b) 2,891,379. (i) Unknown. (ii) Unknown. (iii) Nil (c) Nil (i-iii) Not Applicable
Office of the Auditor General (a) Nil (i-iii) Not Applicable (b) 10,017 (i) Unknown (ii) Unknown (iii) Nil (c) Unknown (i) Unknown (ii) Unknown (iii) Nil
Department of Finance (a) 10,127,978 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) 11 – there has been no indication that any Cabinet or customer-related material was compromised. (b) 5,337,960 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) No successful external attacks have been detected. (c) 4283 (i – ii) The Department of Finance is unable to practically identify the source of cyber attacks and refers to the Joint Cyber Security Centre (JCSC) for advice. (iii) No successful external attacks have been detected.
Western Australia Treasury Corporation (a) Nil (i-iii) Not applicable (b) One (i) One (ii-iii) Nil (c) Nil (i-iii) Not applicable
Economic Regulation Authority (a-c) Nil
Department of Planning, Lands and Heritage Former Department of Aboriginal Affairs (11 March – 30 June 2017) (a-c) Nil
Department of Planning, Lands and Heritage (1 July 2017 – 14 August 2018) Please refer to Legislative Assembly question on notice 3683.
Aboriginal Policy and Coordination Unit Please refer to Legislative Assembly question on notice 3670.
Western Power (a) None (i-iii) Not applicable (b) Tens of thousands attempts occur monthly, as is the case for many organisations; in July 2018 there were 268,000 identified attempts, all rejected by protective measures. (i) It is not known who conducts the attempted attacks or where they are initiated. (ii) It is not known who conducts the attempted attacks or where they are initiated. (iii) None were successful. (c) Nil (i-iii) Not applicable
Synergy (a-c) Nil
Horizon Power (a) Nil (i-iii) Not Applicable (b) 404 (i) 402 (ii) 2 (iii) Nil (c) Nil (i-iii) Not Applicable
Government Employees Superannuation Board (a-c) Please refer to the Department of Finance’s response to this question relating to attempted cyber attacks on internal network systems as GESB’s internal network systems are controlled and managed by the Department of Finance.
Fire and Emergency Services Superannuation Fund (a-c) Nil
Insurance Commission of Western Australia (a) Nil (i-iii) Not Applicable (b) 2,891,379. (i) Unknown. (ii) Unknown. (iii) Nil (c) Nil (i-iii) Not Applicable
Office of the Auditor General (a) Nil (i-iii) Not Applicable (b) 10,017 (i) Unknown (ii) Unknown (iii) Nil (c) Unknown (i) Unknown (ii) Unknown (iii) Nil
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.