Government holds off on attribution for parliament hack

Senate president Scott Ryan

Senate president Scott Ryan has said that he is “not in a position to provide any information regarding attribution of responsibility” for a security breach involving the parliamentary computing network.

Last week the passwords of MPs were reset, with a statement issued by Ryan and House of Representatives speaker Tony Smith revealing that a “security incident” had taken place.

“As soon as the incident was identified the Department of Parliamentary Services [DPS] worked with the Australian Signals Directorate and its Cyber Security Centre to investigate and remediate the situation,” Ryan today told the Senate.

“As a consequence of this, the decision was taken late last week to implement a number of measures to protect both the network and its users. One specific measure was to reset all the network user-, administrator- and system-level passwords. The reset occurred between the hours of 3am and 6.30am last Friday February 8.”

Ryan said that during that time a “range of other measures were also undertaken” to protect the network.

“I can assure the Senate that this action was carried out as a standard security incident response procedure and precautionary measure to protect user access and information,” the Senate president said.

Ryan said that a “conscious decision was made to not advise users in advance as any communication may have flagged remediation activities to the offender and limited remediation effectiveness.”

As a consequence of the password reset, DPS boosted staff on its service desk during the weekend.

“For several years the Australian Signals Directorate and its Cyber Security Centre have been working with DPS to improve the security of the network,” Ryan said.

He said the department had made “substantial strides in strengthening cyber defences, which have been effective in limiting the impact of this incident.”

“While any intrusion to the network is extremely unfortunate, it is important to understand that the methods used by malicious actors are constantly evolving and no network including the parliamentary computing network is considered 100 per cent secure,” he added.

The Senate president said that it is likely to be “some time” before an investigation into the incident if concluded.

Ryan and Smith said last week that there was no evidence any data was accessed during the breach.

The 2018-19 budget, handed down in May last year, earmarked some $9 million over four years to fund the development of a Department of Parliamentary Services cyber security operations centre.

That funding included $300,000 in capital funding in 2018-19 for the centre, which the government said would “enhance cyber security protection for the parliamentary computing network.”