Western Australian Auditor General’s Report, ‘Cyber Security in Local Government’ was released on 24th November 2021. The audit found vulnerabilities like disclosure of technical information, flawed weak encryption, out-of-date softwares, sharing of passwords as clear text on the internet and insecure software configuration.
44% of these vulnerabilities were of critical severity and 49% were of medium severity. Outdated software was responsible for 55% of vulnerabilities, insecure encryption for 34% and incorrect configuration for 8%.
According to the report the governments failed to consider ransomware attacks and malware, unlawful access to servers, data breaches, external attacks, third-party supply and IT device theft.
While only three organizations had systems in place to block and identify stimulated attacks, there were nine that were not able to detect or respond to these attacks. There were three organizations that were able to detect the simulated attack in a week's time and reacted to it only once.
Source:
Comments