Stonnington Council cyberattack exposes ratepayer information
A recent cyberattack against Stonnington Council has exposed private ratepayer information across some of Australia’s most expensive suburbs. In a Channel 7 report on the incident, Stonnington Council CEO Jacquie Weatherill stated that an “international agent” had infiltrated the council’s systems.
The attack has resulted in the council shutting down payments and planning applications on its website.
The Stonnington Council services some of Australia’s most expensive suburbs, including Toorak, Malvern and South Yarra. With approximately 110,000 Stonnington residents, it’s no surprise that international actors could find value in targeting the council for the attack.
The public sector is often at increased risk of cyberattack, both from individual criminals looking to install ransomware or sell data on the dark web for a profit, and from international actors with more political motivations.
Just this year, China was suspected of a cyberattack against the Western Australian Parliament during a state election, and similar suspicions were raised in 2019 over an attack against Federal Parliament.
Experts are increasingly warning public sector organisations to strengthen their cybersecurity measures, especially given that cybersecurity damages in Australia have increased exponentially year after year.
In a statement on the Stonnington Council website, Weatherill says:
“Our priority is to ensure our customer’s data is kept secure, our workforce can be as productive as possible, and our customers remain connected.”
While the cause and method of the attack are yet to be identified or released in a public statement, human error is often the underlying cause of a breach, with over 90% of data breaches being attributable to human error.
Given the widespread adoption of work-from-home, the risk of human error and consequential security incidents is higher than ever before for all organisations. To ensure your cyber-safety for the remainder of 2021, we recommend the following security practices:
- Keep work separate from social media: Stonnington Council employs over 1000 people, many of whom are currently working remotely. It’s crucial that in organisations of all sizes, all work data and practices are discussed on work-approved platforms. If work information is openly discussed on social media platforms such as Facebook or Messenger, it opens a range of security concerns that simply can’t be monitored reliably.
- Ensure all staff are on a VPN: Simply put, a VPN works as a secure “tunnel” between your home and your workplace. While working from home, you and your colleagues are sending sensitive data and business documents across potentially unguarded connections, meaning it’s more likely that someone could intercept or eavesdrop on your data. Ensuring all employees are on a VPN will massively improve your monitoring capabilities and reduce the risk of eavesdropping.
- Use two-factor authentication: Two-factor login has become the new safety standard for any secure business and is simply an extra layer of security on top of your passwords. For example, when you receive an SMS code to confirm a Facebook login or online bank transaction, that’s two-factor in play, and it can be turned on for most logins. The ACSC publishes two-factor setup tips.