Home›Questions on Notice›QoN 3109

❓ A WA parliamentary question regarding the potential impact of a Cisco Smart Install vulnerability on government agencies. The Department of Justice confirms some devices are still using the feature but are scheduled for replacement.

AnsweredQoN 3109Legislative Assembly

Asked

12 June 2018

Member

Mr Z.R.F. Kirkup

Portfolio

Attorney General

QuestionView source ↗

In respect of the Minister’s portfolio responsibilities for any departments, agencies, government trading enterprises or boards I ask, noting the statement made by the Australian Cyber Security Centre on 17 April 2018 in relation to the malicious targeting of Cisco devices using the Smart Install feature: (a) Were any devices in the agency affected by this attack: (i) If so, what was the nature of the cyber-attack and what information held by the agency was unlawfully accessed; and (b) Is the Cisco Smart Install feature still in use by the agency as at 1 June 2018: (i) If so, why?

AnswerView source ↗

Answered

14 August 2018

Response time

9 days

THE DEPARTMENT OF JUSTICE
(a) No.
(i) Not applicable.
(b) Yes.
(i) The Cisco Smart Install is still in use on some network devices in the Department of Justice (the Department) as at 1 June 2018. The Department has a plan to replace these devices which are currently on extended support by December 2018.
ALL OTHER AGENCIES
(a) No
(i) Not applicable.
(b) No
(i) Not applicable.

View on Parliament of WA