That’s appalling news. The Western Australian Office of the Auditor General set out to break into 2 Australian government networks and succeeded. Worse, on the very first attempt! Both networks were using the login “admin” and password “password”. No joking here!
The auditing team managed to download thousands of highly confidential documents onto a USB drive.
And then they came back a week later…
And then they used the same login and password and downloaded more. Nobody noticed anything: no alerts, no monitoring, no defensive measures. IT team, hello?
But Wait, It Gets Worse…
Check these findings:
- Dozens of database administrator accounts using default passwords and usernames that had never been changed.
- Several database accounts with passwords such as “test”, “password1” and “sqladmin”.
- A database administrator account using the password “DBA”.
- Other administrator passwords had not been changed for over a decade, leaving access intact for people who might have left the organization.
- A database server was being administered using 17 highly privileged accounts for which the passwords had never been changed!
- All 13 production databases were hacked. None of them had encrypted backups. All there for the taking.
- At least one database server had never been patched.
- Unexplained misconfigurations in at least two of the agency databases, with open backdoors.