An IT security analyst is warning that global hackers could target New Zealand Government IT systems if security problems are not tackled properly.
Daniel Ayers' warning comes in response to another issue
concerning access to private information, this time at the Ministry
of Justice.
Just days after the Work and Income privacy blunder, the Justice Ministry has its information kiosks on lockdown.
-
Related
Now Ayres is concerned about the vulnerable state of government IT systems in general.
"I'm worried that we're going to find more revelations like this and get some unwelcome attention from hackers around the world," Ayres said.
ONE News understands an urgent security review found the kiosks could access sensitive information through the ministry's private networks.
The ministry says the kiosks at its national office and the Maori Land Court have been shut down as a precautionary measure and it is confident no private information has been made public.
A significant security flaw was found in Winz kiosks which allowed a blogger to access sensitive private information, including names of people who had tried to commit suicide.
"They shouldn't build the systems this way in the first place, and regular reviews, you would hope, would find these problems," Ayres said.
The Department of Internal Affairs is now conducting an urgent review of all publicly accessible government IT systems. This includes kiosks or similar devices connected to government networks, some web servers and wireless networks providing access to the public.
The review is set to take five weeks, but whether that is long enough is being questioned.
"If the Government doesn't get this right, hackers now know that there are issues. And hackers love embarrassing Governments," Ayres said.
ONE News wanted to know exactly how many Government departments have information kiosks like the ones which sparked this review. But Internal Affairs was not able to say.
The department said, however, more kiosks are likely to be shut down before the review is over.
Government chief information officer Colin MacDonald said many departments will be going through their publicly accessible systems, testing and checking them.
"In order to do that, they will inevitably have to take them down, take them off line," MacDonald said.
The measures are being taken to ensure privacy is protected and to avoid any further embarrassment for the Government.