The Australian Federal Parliament suffered a malware infection earlier this year after some users fell victim to a watering hole attack, the Australian Broadcasting Corporation (ABC) reports. The attack is thought to be state-sponsored and led to two senators having “non-sensitive” data stolen.
“A small number of users visited a legitimate external website that had been compromised,” said Senate President Scott Ryan. “This caused malware to be injected into the parliamentary computer network.”
ABC has also learned that Parliament’s system was attacked by the Emotet banking Trojan last month, but the Government’s security team thwarted the attack.
Labor MP Tim Watts said Parliament offers regular cyber hygiene courses for thousands of people who use the system, but he noted that few people attend these courses.
“It’s a common practice in the corporate sector these courses are mandatory; that's not the approach the parliament has taken,” he said. “We need to significantly increase the sense of urgency among MP's and staff about cyber hygiene and how to protect themselves.”
A majority of all cyberattacks are the result of human error, and most occur because an employee is tricked into letting an attacker in. New-school security awareness training can teach your employees how to avoid falling for social engineering tactics.
The Australian Broadcasting Corporation has the story: https://www.abc.net.au/news/2019-11-15/cyber-attack-thwarted-on-parliament-house/11706444