Update 2: Barracuda Email Gateway Cybersecurity Incident | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The ACT Government continues to respond to a security breach that has affected Barracuda, an e-mail gateway system that supports some ACT Government ICT systems.

Cyber security investigations are complex and often take some time. Following an initial harms assessment, our investigation will now be undertaken in a phased way to allow a thorough analysis and the appropriate prioritisation of next steps.

There continues to be no requirement for any action by the community at this stage.

Phase 1 – Complete

The following steps have been taken as part of Phase 1.

  1. Isolation & rebuild of the affected system

    The ACT Cyber Security Centre immediately isolated and replaced the Barracuda system eliminating any ongoing vulnerabilities.

  2. Initial Assessment

    An initial assessment was undertaken via our Chief Information Officer Network to identify the systems in ACT Government that interact with the Barracuda system.

  3. External Expertise

    The ACT Cyber Security Centre has engaged the Australian Cyber Security Centre (ACSC), and external Cyber Security experts to assist with the response including doing regular checks, on our replacement system and our systems more broadly.

Following the completion of Phase 1 we can confirm that there continues to be no definitive evidence of any information being removed or misused from our systems. No customers of Barracuda affected by the breach worldwide have been contacted by the threat actor.

Phase 2 – Underway

The completion of phase 1 has identified the breadth and complexity of the work required in phase 2. This phase includes;

  1. Thorough analysis of identified systems and impacts

With the completion of phase 1 identifying the systems that have the ability to interact with the Barracuda system, we are now working to assess each individual system and the scope of information that may have been exposed. In order to move through this phase as quickly as possible we are also engaging external support.

Phase 3

Phase 3 will outline the recommended risk-based actions that the community could take following completion of the exhaustive analysis we will undertake in Phase 2.

Given the complexity of Phase 2, it is expected that it will now be several weeks before we have meaningful information to pass on. We remain committed to providing this information via the Access Canberra website and will deliver our next update as the information becomes available.

With many types of cyber crime it is often not possible to identify all information that may have been compromised. This, combined with information that many of us are sharing online via social media means that taking precautions to protect our personal information is now more important than ever.

There are many ways that information can be compromised online. We encourage you to visit, which has extensive information on how to protect your information online, how to recognise and report issues and how to respond if you are concerned your information has been compromised.

Further updates will be provided via

/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).View in full here.


Click Here For The Original Source.

National Cyber Security