Senate debates

Tuesday, 12 February 2019

Statement by the President

Parliamentary Computing Network

12:04 pm

Photo of Scott RyanScott Ryan (President) Share this | | Hansard source

As senators are aware, the Australian parliamentary computing network has recently been the subject of a security incident. As soon as the incident was identified, the Department of Parliamentary Services worked with the Australian Signals Directorate and its Cyber Security Centre to investigate and remediate the situation. As a consequence of this, the decision was taken last week to implement a number of measures to protect both the network and its users. One specific measure was to reset all network, user, administrator and system level passwords. The reset occurred between the hours of 3 am and 6.30 am last Friday, 8 February. During this time, a range of other measures were also undertaken. I can assure the Senate that this action was carried out as a standard security incident response procedure and precautionary measure to protect user access and information. A conscious decision was made to not advise users in advance, as any communication may have flagged remediation activities to the offender and limited remediation effectiveness.

The majority of APH users attended work on the morning of 8 February and, after logging on, were prompted to change their password. This then enabled users to resume work. The Department of Parliamentary Services ensured that additional resources were available on the 2020 service desk during Friday and the weekend, and leading up to this sitting period to manage the higher volume of calls generated by the password reset. An email was sent to all network users at approximately 9.30 am on Friday advising of the password reset and why it was necessary for it to occur, understanding that users who had not performed the reset would not receive this.

For several years, the Australian Signals Directorate and its Cyber Security Centre have been working with DPS to improve security of the network. DPS has made substantial strides in strengthening cyberdefences, which have been effective in limiting the impact of this incident. While any intrusion to the network is extremely unfortunate, it is important to understand that the methods used by malicious actors are constantly evolving and no network, including the parliamentary computing network, is considered 100 per cent secure. If there is an incident, best practice is possessing the capability to detect it and then remediate it quickly. The relevant agencies have assured the Speaker and me that DPS acted decisively and fully cooperated with their advice, and that the handling of this incident represented best practice. The cooperation continues as DPS works with the experts of ASD to secure the system and protect its users.

Importantly, I would also like to specifically acknowledge the assistance and expertise of staff from the ASD's Cyber Security Centre, who have worked tirelessly alongside DPS to address and mitigate the impact of this incident.

I'm not in a position to provide any information regarding attribution of responsibility for this intrusion. It is also likely to be some time before the investigation into this incident is concluded. I will provide further relevant updates to senators as is appropriate.

I will take this opportunity briefly to also welcome back to the chamber our colleague and friend Senator Sinodinos.

Honourable senators: Hear, hear!