The Department of Parliamentary Services (DPS) is set to launch its new message authentication system in the next few weeks.
DPS will deploy the domain-based message authentication, reporting and conformance (DMARC) to aph.gov.au in early December.
President of the senate Slade Brockman announced the upcoming launch at a recent senate estimates session. Brockman claims that DMARC will clamp down on unauthorised use of the aph.gov.au domain by preventing cyber criminals from using it for email spoofing or phishing attacks.
Bockman says that the parliamentary network is among the most targeted IT systems in Australia, and that public servants act as attractive targets for adversaries trying to gather confidential government data, as email is the most vulnerable pathway to exploiting wider IT systems.
Parliamentarians and public servants who use third-party distribution services have been notified that they must create a new email domain by December 6 in order to continue sending emails through the same platforms. This means that services such as MailChimp will no longer be able to act on behalf of aph.gov.au when sending emails.
The DMARC initiative was announced in the agency’s 2020-21 capital budget among several other cyber security initiatives set to enhance the parliamentary computing network.