Cyber threats for local government

In FY2020, one QLD regional council was subject to a ransomware attack. A ransomware attack is a form of a cyber-attack where the attacker gains access to information systems and demands a ransom to return the information. 

The cyber attacker gained access to all council systems, including the backup data stored on the council’s network. The impacts of this attack were:

• The council was unable to access systems and information, with complete restoration taking an extended period (for example, payroll and creditors had to be paid manually for five weeks)
• Normal activities could not be performed or were delayed (for example, the council was unable to prepare monthly financial management reports)
• Key staff, including information technology staff and contractors, needed to work extended hours to resolve the situation, and
• Council staff spent significant time in dealing with various parties and investigating the source of the data breach.

What are the lessons learnt?

The council has now taken action to strengthen its controls, including:

• Understanding the ways that external parties (such as suppliers, banks, and the public) access the council’s network and what opportunities this could provide to external attackers
• Strengthening its password controls
• Increasing staff training on the risks associated with emails, and opening attachments and clicking links, and
• Engaging independent professional experts to periodically test the security controls on its information systems and provide recommendations for improvements.

This matter was reported to the Queensland Government Cyber Security Unit of the Queensland Government Customer and Digital Group (formerly the Queensland Government Chief Information Office). 

This incident highlights the importance of cyber security for all councils, not just large or higher-profile councils.

Source: (Local government 2020 | Queensland Audit Office. https://www.qao.qld.gov.au/reports-resources/reports-parliament/local-government-2020)