[LINK] Private emails exposing agencies

[Rick Welykochy]

Antony Barry wrote:

> I found this article in the Australian  thought it may be of interest.
>
> To read the story, visit this link.

I found this:

<http://www.theaustralian.com.au/national-affairs/private-emails-exposing-agencies/story-fn59niix-1226027025964>

"Private emails exposing agencies to cyber threat

     * Natasha Bita
     * From: The Australian
     * March 24, 2011 12:00AM

PUBLIC servants sending private emails are exposing government agencies to hackers and WikiLeaks-style
security threats and could be targeted by spies, the Auditor-General warned yesterday.

The Australian National Audit Office wants government agencies to set up internet kiosks so staff
can safely surf the internet and send private emails.

Its audit reveals the ANAO was able to crack the passwords of some high-ranking staff members, including
IT administrators, in its cyber-security review. And it warns that bureaucrats can easily leak "top secret"
documents by attaching them to low-security emails.

The report recommends government agencies police the existing ban on staff using public web-based email
such as Hotmail or Gmail.

"These can provide an easily accessible point of entry for an external attack," it says.

The report reveals the Defence Signals Directorate has warned spies could target public servants with
"socially engineered" emails, which appear legitimate by referring to the target's friends, or have
been sent from a known email address.

"It is possible that an attacker could target a person known to be working for a government agency,
sending a socially engineered email to their webmail account," the ANAO report says.

"If the person opened this email from their work desktop, it could allow the attacker to launch a
virus or gain unauthorised access to the agency's network."

etc.




cheers
rickw



-- 
_________________________________
Rick Welykochy || Praxis Services

Forgive everyone everything.