Auditor General pwns WA

A newly released report from the office of the Auditor General shows that 14 out of 15 West Australian departments, when subjected to repeated “deliberately hostile” scans from the internet, failed to even notice the scans taking place. From these scans the testers collected information such as the services running, version numbers and, I’m assuming, more, which showed a variety of possible attack vectors.

Three agencies were then selected for an active intrusion test, which was successful. None of these three detected the intrusion, let alone responded to it or prevented further intrusion.

The office, given the assessed the probability as ‘highly likely’ that all 15 could have been compromised.

It’s clear that Offensive Security is getting the upper hand on Systems Administrators, or were the personnel in this case merely undertrained or underprepared?

