Critical state budget documents could have been exposed in cyber security flaw
Critical state government data was potentially vulnerable to attacks from cyber criminals and nation states including China after a major security flaw was identified impacting millions of systems around the world.
The vulnerability — described yesterday as potentially “the biggest ever internet security problem” — allows attackers to gain access to critical servers from where they can steal data or hold it to ransom.
The Daily Telegraph can reveal NSW Treasury was forced to take its accounting systems offline on Monday night in order to ensure they were safe from attack.
The systems taken offline contained sensitive information about the government’s upcoming budget update, which may have been vulnerable to attack if not fixed.
Sources familiar with the incident say that the action was precautionary, and no data was accessed by cyber attackers.
Fixing the potential vulnerability has impacted the release of the state government’s budget update, which will be delayed by a few hours.
The first evidence of the flaw being exploited by criminals was on December 1, more than a week before the vulnerability was publicly announced.
There has been evidence of criminals exploiting the flaw to effectively kidnap data and demand payment for its release — known as a “ransomware attack”.
Because the flaw would allow attackers to install their own software in their victims’ systems, it could also be exploited as a means to steal data or shut down software.
Former head of the Australian Cyber Security Centre Alistair MacGibbon on Tuesday described the vulnerability — dubbed by some as “Log4Shell” — as “probably one of the most pervasive cybersecurity threats we’ve seen, full stop”.
He said IT teams “all around the world” are racing to ensure their systems are safe from criminals and enemy nation states.
“It would not be hyperbolic of me to say that this could be the biggest ever internet security problem,” he said.
Mr MacGibbon, Chief Strategy Officer at cyber security company CyberCX, said the vulnerability is so critical that even the United States National Security Agency was forced to take its own systems offline to fix its software.
He said nation states including China would be seeking to exploit the security flaw to attack their enemies.
“Any self-respecting nation state threat actor … would be saying: ‘Brilliant, scan away at all my targets to see if I can drop something into them’,” he said.
Attacks could continue for months and years to come, he said.
The vulnerability impacts software used by millions of systems around the world.
“Every computer you see, most of the services that run on it will potentially be impacted by this issue.
“There will be thousands of victims around the world of this who just went too slow (to fix their software)”.
Originally published as Critical state budget documents could have been exposed in cyber security flaw
