Significant cyber security risk – ECEC services urged to act before Christmas

The Victorian Department of Education has issued an urgent alert to its email subscribers, warning them of a “significant cyber security risk” being closely monitored by Australia’s Cyber Security Centre (ACSC), the Cyber Incident Response Service (CIRS) and the department’s Information Security Team.

 

The department has been notified of a cyber security flaw in a software utility known as Apache Log4J Remote Code Execution. This software is used by developers to collect information across networks, websites, and applications and is used across all states and territories in Australia. 

 

All Australian providers should be aware of the need to act on this notice before closing for Christmas.

 

The risk to the early childhood education sector

 

The flaw in Log4J allows password-free entry into vulnerable systems, exposing internal networks to internet-based attackers seeking to access valuable data, plant malware, erase crucial information and more.

 

What is being done?

 

The ACSC has issued a critical alert for this vulnerability, urging organisations to apply the latest available security patches. The Department’s Incident Management Team is rapidly assessing, scanning, and patching the department’s IT environments.

 

What early childhood education providers should do

 

• All staff should remain alert for any strange computer or application behaviour
• If they notice any strange computer behaviour, immediately notify their local IT technicians who will then engage with the appropriate security advisories to investigate
• For Victorian early childhood education providers without a dedicated IT technician, or who have closed for the summer break, please log a service ticket in DET’s Service Desk Portal or call 1800 641 943 immediately
• DET’s Service Desk Portal and contact number are able to provide support for this specific cyber security issue only (Log4J).

 

For technicians

 

• Check whether any products are affected by the Apache Log4J vulnerability
• Ensure servers and computers are updated with the latest operating system patches
• Apply the latest Log4J patches immediately by upgrading to the current release of Apache Log4J 2.16.0 or newer to remediate the vulnerable functions
• Where an upgrade is not possible, apply system hardening settings such as:
  – disabling internet connections from vulnerable servers and computers
  – isolating servers and computers running vulnerable applications, to prevent further spread.

 

Refer to these helpful resources for more advice:

 

• the US Cybersecurity and Infrastructure Security Agency-maintained community source list of publicly available information and vendor-supplied advisories
• the Netherlands National Cyber Security Centre’s list of affected products.

 

More information

 

Victorian early childhood education providers impacted by this vulnerability or requiring further assistance can:

 

• contact their relevant IT Service Delivery Manager
• log a Service Ticket in DET’s Service Desk Portal or call 1800 641 943 immediately
• contact the Information Security Team by email: [email protected]

 

Services in other states and territories with concerns should contact the relevant services for their jurisdiction.