Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Government & Risk Management. Show all posts

Thousands of South Australian License Accounts Compromised in mySA GOV Data Breach

 

More than 2,000 SA driver’s licenses were compromised in a cyberattack that uncovered passwords to mySA GOV accounts. 

mySA Gov is the South Australian government's online platform that provides residents to access all state services with a single account, such as checking into a venue or completing transactions for vehicle registration. 

The department of Infrastructure and Transportation said attackers gained access to these accounts as account holders used the same or a similar password for their mySA Gov account as they had used for their account with an unrelated website. However, the department did not provide details regarding the unrelated website.

The hackers secured access to 2,601 mySA Gov accounts, 2,008 of which contained registration and licensing details, ABC reported. The government said there is “no evidence” of any unauthorized transactions on the compromised accounts, but is taking necessary precautions to mitigate further risks. It includes blocking the compromised accounts, informing the victims regarding the breach, urging all impacted account holders to change their driver's license number by attending a Service SA Centre. 

"It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts This is a timely reminder to all mySA Gov account holders and South Australians more generally to always set complex passwords and do not use the same password for more than one account," the Department for Infrastructure and Transport said in a statement. 

Fortunately, the hack does not relate to the mySA GOV app currently used for COVID check-ins, Chris McArdle from the department told David & Will on FIVEaa Breakfast. “There is no compromise or connection to that for this incident. That’s really important for the community to understand that the COVID safe check-in that is part of that app is completely unaffected and all the data that is associated with that is still safe and secure… none of that has been affected.” 

According to the Cost of a Data Breach Report 2021, published by IBM Security, the total global cost of data breaches in public sectors surged nearly 79% between 2020 and 2021. That’s a total average data breach cost of $1.93 million. It reflects that governments are facing an uphill battle to combat the growing surge of cyber espionage and extortion.

White House Directs Federal Agencies to Improve Logging Capabilities

 

The White House has directed federal agencies to improve their logging capabilities in order to accelerate cybersecurity incident response, according to a memo from the Office of Management and Budget. 

The memo, issued by acting OMB Director Shalanda Young, includes a maturity model for event log management intended to guide federal agencies' implementation of its requirements across four event logging (EL) tiers: not effective, basic, intermediate, and advanced.

"These tiers will help agencies prioritize their efforts and resources so that, over time, they will achieve full compliance with requirements for implementation, log categories, and centralized access. Agencies should also prioritize their compliance activities by focusing first on high-impact systems and high-value assets,” according to OMB. 

By working through these various tiers, federal departments will align more with the types of log management capabilities present in the private sector, according to Mike Hamilton, the former vice-chair for the Department of Homeland Security's State, Local, Tribal, and Territorial Government Coordinating Council. 

The memo follows a May 12 executive order by President Joe Biden issued following the SolarWinds hack that compromised nine federal agencies, a ubiquitous government contractor, and about 100 U.S. companies.

“Recent events, including the SolarWinds incident, underscore the importance of increased government visibility before, during, and after a cybersecurity incident. Information from logs on federal information systems — for both on-premises systems and connections hosted by third parties, such as cloud services providers — is invaluable in the detection, investigation, and remediation of cyber threats,” reads the memo. 

The departments now have 60 days to assess their capabilities against the maturity model and plan to address resource and implementation gaps. Those plans must be sent to the OMB Resource Management Office and Office of the Chief Information Officer desk officer. OMB expects federal agencies to prioritize their high-impact systems and high-value assets first as they implement EL requirements.

Agencies were also told to share logs with third parties like the FBI and Cybersecurity and Infrastructure Security Agency. “This sharing of information is critical to defend federal information systems,” reads the memo. The memo directs CISA to deploy teams to advise agencies in their assessment of their logging capabilities and release tools with the FBI to help assess logging maturity. 

Meanwhile, the Department of Commerce must have the National Institute of Standards and Technology maintain Special Publication 800-92, its “Guide to Computer Security Log Management” and incorporate the memo’s requirements into its next revision and other relevant publications.