Australian fire service operating 85 stations shuts down network after cyberattack

Australia’s fire and rescue service in the state of Victoria has shut down its network and is operating manually after being targeted with a cyberattack by “an external third party,” according to a statement released on Friday. 

A cyberattack caused “a widespread IT outage” affecting Fire Rescue Victoria’s (FRV) emails, phones and emergency dispatch systems that automate firefighters' work — for example, opening station doors as soon as firefighters receive an emergency call.

FRV operates 85 stations across the state, which includes Melbourne and is home to about 6.5 million people. It was established in 2020 as part of reform efforts aimed at modernizing the state’s fire and rescue response efforts.

Victoria’s fire crew continues to operate as usual but has to use manning radios, pagers and mobile phones to respond to triple-zero calls. The system shutdown may last for up to four days while the incident is under investigation, according to the department’s acting commissioner Gavin Freeman.

During a news conference on Thursday, Freeman said that the department had to bring in extra staff to make sure someone would always be listening to the radio.

The department’s network outage was first discovered early on Thursday, but officials didn't attribute it to a cyberattack at the time. Although the cyberattack mostly affected the emergency dispatch system, the fire service had to shut down its entire network as a precaution. 

There were no ransomware demands at the early stage of the investigation, according to Freeman.

FRV said it is “working around the clock” with local cybersecurity firms and the government to get its systems back up and running and find the cause of the incident.

“We’ll put everything in place to mitigate it and ensure that it doesn’t happen again,” Freeman said.

FRV did not respond to a request for comment at the time of publication.

Cyberattacks have become a huge problem for Australia’s government and businesses. The Australian Cyber Security Centre received over 76,000 cybercrime reports during the last financial year, a 13% increase on the previous year, and warned that cyberspace in Australia has become a “battleground.”

Recent high-profile data breaches in Australia include cyberattacks on health insurance company Medibank and the country’s second-largest telecommunications company, Optus. Both led to the public exposure of customers’ sensitive data and the theft of information.

Australia's weak data privacy protections and lack of cybersecurity specialists could make it a lucrative target for cybercriminals, according to experts.