Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Cyber Security NSW releases 2022 Year in Review

Cyber Security NSW is taking a look back at some of its achievements — and challenges — for 2022 in its 2022 Year in Review report, released today (6 March).

user icon David Hollingworth
Mon, 06 Mar 2023
Cyber Security NSW releases 2022 Year in Review
expand image

Even before the big-name hacks of the middle of the year, the agency was busy helping to mitigate the effects of the Log4Shell vulnerability. Cyber Security NSW shared advice and intelligence on the vulnerability and worked with a number of other agencies to patch against it.

A number of knowledge-sharing sessions were also hosted for local councils. Though some government systems were taken offline following apparent “scanning activity and exploitation attempts”, patches were, in all cases, eventually tested and applied.

Cyber Security NSW also produced a total of 42 reports on various exploits and the groups that use them and detected over 22,000 vulnerabilities across NSW government networks, while the vulnerability identification team, based in Bathurst NSW, worked on 23 sensitive data breaches.

============
============

The team launched a pen-testing service in 2021, which in 2022 performed 16 penetration tests across various agencies and council networks. There were 650 monitoring agents deployed to five councils to help them self-monitor for cyber threats, and four other councils were onboarded to the vulnerability team’s new internal vulnerability monitoring service, which was piloted this year.

There were 985 government websites constantly monitored for “defacement attacks”, and one attempted domain takeover was detected by the team.

The team also worked with regional organisations to boost cyber education, and attended three school-cased events, and took on five work experience students.

In September, Cyber Security NSW worked with both Optus and Medibank following their spectacular data breaches. Here the challenge was to investigate any potential impact on the NSW government, as well as individuals, and with agencies such as ID Support NSW.

As well as dealing with threats and vulnerabilities, Cyber Security NSW also hosted its first Cyber Insights Series of events, a series of roundtable discussions with cyber security experts, and business and government leaders alongside academics.

The agency also did away with its own compliance and assurance programs, since a review found compliance was handled much more effectively by internal audit teams inside other agencies. To assist these teams, the agency began hosting a series of Cyber Insights Panels to share expertise and identify specific threats to each organisation.

Cyber Security NSW also hosted its largest capture-the-flag event, with 280 people attending. The event focused on digital forensics, open-source intelligence, and vulnerability identification. The agency also ran exercises for nine councils and set up an exercise-as-a-service, well, service, that has already provided four exercises for councils and other government agencies, and which has interest from 13 more.

Managing risk has been another area of strenuous work for the agency, with the team providing internet-facing vulnerability reports to local government teams every six months. A health check service also uncovered a number of areas where security could be improved across government, while a scheme to uncover compromised passwords found that “more than 77,000 accounts across 14 entities were using passwords previously seen in data breaches”.

Cyber Security NSW has also been working with the Australian Cyber Security Centre as it ramps up its REDSPICE program.

Looking ahead into 2023, Cyber Security NSW is working on a new NSW Cyber Security Policy, which will be released in July this year. Based on previous policies (first introduced in 2109), the new policy will “provide greater clarity on cyber security maturity and uplift strategies”.

You can read the full year in review here.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.