International hackers have targeted the Queensland government, with cyber security experts being forced to defend against several potentially disastrous online attacks.
Last year, state government IT experts prevented 19 distributed denial of service (DDoS) attacks, during which an average of 8000 malicious domain name system (DNS) requests per minute were blocked.
A DDoS attack typically involves flooding a network with requests from multiple computers in an attempt to overload the system and can shut down websites, while DNS floods are a type of DoS.
During 2017-18, state government cyber security experts also collected and analysed an average of 400 million events per day from more than 130 sources.
Those system events – threat intelligence or activity flagged as of interest – were recorded across the state government network and were detected by security infrastructure, such as firewalls.
“While this is regarded as criminal activity, the specific intention of the attacks is unknown and the majority of attempts appear to have originated from various countries,” a Housing and Public Works Department spokeswoman said.
“However, cyber criminals behind such attempts often mask their true origin, therefore geographical information is not a true indicator of the source.”
Fairfax Media asked for specific details of the dates, targets and outcomes of the 19 DDoS attacks.
But the spokeswoman said the government’s policy, based on security advice, was not to publicly comment on specific cyber security incidents.
In 2016, the Palaszczuk government created a whole-of-government Cyber Security Unit, sitting within the Chief Information Office, to enhance cyber security.
In 2016, a DDoS attack left millions of users, mostly in the US and Europe, unable to access websites including Twitter, Spotify and Netflix.
Interruptions were also experienced by websites including ANZ, Coles, eBay and The Sydney Morning Herald.
In May last year, it was revealed five of Queensland’s biggest hospitals were suffering from major IT problems after efforts to prevent a possible cyber attack backfired.
Security patches were installed in response to a global ransomware attack that affected hundreds of thousands of computers worldwide, but the patches then caused system slowness.
However, there were no patient safety issues as a result.