WA Auditor-General drags local governments over horrendous cyber risk management

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Perth city

Image: Getty Images

The Western Australia Auditor-General has slammed local government (LG) entities in the hard border state, after determining they were not managing cyber risks well.

The outcome of the audit was summed up by two key findings noted in the audit report. The first was most vulnerabilities found during black box testing were over a year old, and in one instance, a vulnerability had existed for a decade and a half.

“We tested the audited LG entities’ publicly accessible IT infrastructure and found vulnerabilities of varying types, severity, and age. The vulnerabilities included disclosure of technical information, out-of-date software, flawed or weak encryption, insecure software configuration, and passwords sent in cleartext over the internet,” it said.

“44% of vulnerabilities were of critical and high severity, with a further 49% of medium severity.

“Known critical and high severity vulnerabilities are generally easy to exploit and expose LG entities to increased

Read the article