Share this article on:
Attendees to a $2,000-a-head conference were given the details of what happened during the attack, while the union says impacted firefighters have been left in the dark – which Fire Rescue Victoria denies.
The United Firefighters Union has responded to news that attendees at a for-profit profit conference were given the “inside story” of a 2022 cyber attack on Fire Rescue Victoria while firefighters potentially impacted by the hack are still none-the-wiser.
Fire Rescue Victoria’s chief information officer, Chris Moon, presented a talk titled “Responding to a cyber attack in emergency services: The first 48 hours” at the AFAC24 Conference today (5 September), leaving firefighters “fuming,” according to the United Firefighters Union.
Peter Marshall, United Firefighters Union secretary, expressed concern over the fact that firefighters remain uninformed about the incident.
“Firefighters and FRV employees have been waiting for more than a year and a half for basic answers on this attack,” Marshall said in a statement.
“They have a right to know what happened, who is responsible, whose information was exposed, where it has gone, exactly how systems were affected, when they will be fixed, and how this was allowed to happen in the first place.
“They made a very reasonable request in July this year – more than 18 months after the attack – for a Zoom meeting with senior leadership to get some information.”
Marshall said it was simply unacceptable behaviour, adding: “It is beyond unacceptable [that] the C-level executive in charge of information security has chosen to deliver the inside story of this cyber attack to a paying audience rather than sharing information with the people who were affected by it.”
A spokesperson for Fire Rescue Victoria told Cyber Daily that it has been in regular communication with its employees.
“Fire Rescue Victoria kept its people informed during the response to the 2022 cyber attack and continues to do so, including via regular video updates to staff – as recently as this week,” an FRV spokesperson said.
“The chief information officer’s presentation at AFAC24 is about the first 48 hours of the cyber attack and lessons learnt.”
Fire Rescue Victoria first disclosed it had fallen victim to a cyber attack in December 2022, saying at the time that some employee data had likely been exposed and that some of its communications infrastructure had been impacted. The loss of a station turn-out system that assisted in dispatching firefighters was down until August 2023 and had caused significant delays in response times.
FRV notified the Australian Information Commissioner in January 2023 of a possible data breach.
“Although we do not have evidence that personal information has been accessed or stolen from our systems, given the nature of the cyber attack, we have reasonable grounds to believe that personal information of current and former employees, individual contractors and secondees of FRV and the former Metropolitan Fire and Emergency Services Board (as well as job applicants and other individuals) may have been accessed or stolen by a malicious third party,” the FRV’s AIC notification said at the time.
That same month, the Vice Society ransomware gang took responsibility for the attack, publishing several documents stolen during the incident. Vice Society has been inactive since August 2023, and its dark web site appears to have closed down.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.