Security slip-up affects PM and Cabinet network

Government Shared Network encryption certificates expire

When the clock ticked midnight on October 30, several government departments became vulnerable to digital attack after the encryption certificates for the Government Shared Network expired.

The departments affected included that of the Prime Minister and Cabinet.

Internal Affairs confirms the outage on November 1 but says there were no actual security breaches.

“In such a situation, traffic will not traverse the network to avoid the potential of a security breach,” DIA says in a written response to Computerworld.

“The department is very concerned that the outage occurred and is working closely with the vendor to ensure that such outages are mitigated as far as possible in the future for the remaining time that agencies will be using the GSN (around four to six weeks).”

The GSN is being replaced by a network known as one.govt, which will be run by Datacraft.

“We inherited the platform from IBM and there was a technical issue that culminated from that,” a Datacraft spokesman says.

It was fortunate that the incident occurred on a Sunday. DIA confirms that only the Department of Labour, which operates at airports seven days a week, was operationally affected.

DIA says the certificates had to be rebuilt.

“It relates to a single point of control for certificates, by deliberate design, rather than an infrastructure single point of failure.

“The GSN is designed to align with government security policy.”

DIA says the cost of providing and rectifying the service will be borne by the service provider.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Security ID

Show Comments