❓ A WA parliamentary question sought information on Adylkuzz malware infections across various government departments and agencies. All agencies reported zero infections, highlighting existing security measures.
AnsweredQoN 376Legislative Assembly
Asked
24 May 2017
Member
Portfolio
Treasurer; Minister for Finance; Energy; Aboriginal Affairs
QuestionView source ↗
In respect of the Minister’s portfolio responsibilities for departments, agencies or publicly owned corporations: (a) how many computers were infected with the virus/malware called 'Adylkuzz': (i) for each infected computer when was the infection date; (ii) have all computers been cleaned of the virus/malware; (iii) why were the infected machines not patched to prevent this from occurring; and (iv) what actions have been taken since the infection to prevent this from occurring again in the future?
AnswerView source ↗
Answered
27 June 2017
Response time
8 days
Department of Aboriginal Affairs
(a) Nil
(i) - (iv) Not applicable
Department of Finance & Public Utilities Office
(a) Nil
(i-iv) Not applicable
Department of Treasury
(a) Nil
(i-iii) Not applicable
(iv) The Department of Treasury’s (Treasury) ICT patching policy ensures the regular delivery of security updates to Treasury’s computers. Treasury’s computers were patched against ‘Adylkuzz’ in April 2017.
Economic Regulation Authority
(a) Nil
(i-iv) Not applicable
Fire and Emergency Services Superannuation Fund
(a) No computers in our office were infected with the virus/malware called Adylkuzz.
(i-iii) Not applicable
(iv) Our IT provider has anti-virus and malware software installed on alll of our servers and computers.
Government Employees Superannuation Board
(a) Nil
(i-iv) Not applicable
Horizon Power
(a) No Horizon Power computers were infected with Adylkuzz
(i-iii) Not applicable
(iv) Horizon Power has a mature patching program in place as per the Australian Signals Directorate’s ( ASD ) Essential 8 and had already patched for this vulnerability in April 2017. In addition, we have 24/7 monitoring in place to detect any malware activity and an incident management process to deal with malware outbreaks which includes, if necessary, recovery from backup tapes. Notwithstanding, the following additional controls were put in place:
Independent Market Operator
(a) Nil
(i-iv) Not applicable
Insurance Commission of Western Australia
(a) Nil
(i-iv) Not applicable
Native Title
Please refer to response to Legislative Assembly Question on Notice 386.
Office of the Auditor General
(a) Nil
(i-iii) Not applicable
(iv) We perform continual reviews of security practices and controls to prevent infections from occurring
Synergy
(a) Nil
(i-iv) Not applicable
Western Australia Treasury Corporation
(a) Nil
(i-iv) Not applicable
Western Power
(a) Nil
(i-iv) Not applicable
(a) Nil
(i) - (iv) Not applicable
Department of Finance & Public Utilities Office
(a) Nil
(i-iv) Not applicable
Department of Treasury
(a) Nil
(i-iii) Not applicable
(iv) The Department of Treasury’s (Treasury) ICT patching policy ensures the regular delivery of security updates to Treasury’s computers. Treasury’s computers were patched against ‘Adylkuzz’ in April 2017.
Economic Regulation Authority
(a) Nil
(i-iv) Not applicable
Fire and Emergency Services Superannuation Fund
(a) No computers in our office were infected with the virus/malware called Adylkuzz.
(i-iii) Not applicable
(iv) Our IT provider has anti-virus and malware software installed on alll of our servers and computers.
Government Employees Superannuation Board
(a) Nil
(i-iv) Not applicable
Horizon Power
(a) No Horizon Power computers were infected with Adylkuzz
(i-iii) Not applicable
(iv) Horizon Power has a mature patching program in place as per the Australian Signals Directorate’s ( ASD ) Essential 8 and had already patched for this vulnerability in April 2017. In addition, we have 24/7 monitoring in place to detect any malware activity and an incident management process to deal with malware outbreaks which includes, if necessary, recovery from backup tapes. Notwithstanding, the following additional controls were put in place:
Independent Market Operator
(a) Nil
(i-iv) Not applicable
Insurance Commission of Western Australia
(a) Nil
(i-iv) Not applicable
Native Title
Please refer to response to Legislative Assembly Question on Notice 386.
Office of the Auditor General
(a) Nil
(i-iii) Not applicable
(iv) We perform continual reviews of security practices and controls to prevent infections from occurring
Synergy
(a) Nil
(i-iv) Not applicable
Western Australia Treasury Corporation
(a) Nil
(i-iv) Not applicable
Western Power
(a) Nil
(i-iv) Not applicable
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.