Skip to main content

News and stories

Registration

15 December 2020

Important Notice Regarding Security Updates for the Registration System

Two adults sitting at a table looking at a laptop screen

In 2021, the Greenhouse and Energy Minimum Standard Regulator (GEMS Regulator) will be releasing several security updates to the Energy Rating Product Registration System (the Registration System).

These updates aim to:

  • Increase the security of the passwords in the Registration System;
  • Further protect the Registration System against denial-of-service attacks;
  • Restrict access to the Registration System to current users;
  • Outline acceptable use of the Registration System.

These changes involve you as the end user and your access to the Registration System. The GEMS Regulator will provide further details on these changes in coming months.

Applications such as the Registration System are facing an increased risk of attack from malicious individuals or organisations. These individuals or organisations seek to disrupt or compromise systems and infrastructure, using sophisticated software and hacking tools. They take advantage of vulnerabilities in user login details to penetrate systems and avoid detection. The intent is often to steal or compromise data, or make a system unavailable.

The consequences of a cyber-attack are severe and can include:

  • Disruption to daily business;
  • Significant financial loss;
  • Loss of intellectual property; and
  • Reputational damage.

The GEMS Regulator is taking steps to protect the Registration System against cyber-threats. This is occurring in consultation with the Energy Efficiency Conservation Authority (EECA) in New Zealand (the New Zealand Regulator).

These steps include:

  • applying regular security updates to the system infrastructure;
  • implementing the strategies from the Australian Cyber Security Centre’s (ACSC) Essential Eight; and
  • implementing the security controls from the Australian and New Zealand information security manuals.

We have incorporated cyber security into our day-to-day business and remain alert to potential threats. We look for new opportunities to increase the Registration System’s overall defence against cyber-attacks.

The security of the Registration System and its data is a high priority for both Regulators. We commit to ensuring the confidentiality, integrity and availability of the Registration System. 

We also know that keeping our system secure is a shared responsibility.  As a user of the Registration System, you also have a role to play. This includes:

  • Keeping your username and password confidential;
  • Using passwords that are difficult to guess and contain numbers, letters and special characters;
  • Logging out of the Registration System when you are no longer using it;
  • Refraining from using group or shared accounts;
  • Reporting suspicious activity to energyrating@industry.gov.au;
  • Refraining from attempting to circumvent or disrupt the security mechanisms that protect the Registration System.

If we all play our part, we can keep the Registration System safe from cyber-threats.

Please contact energyrating@industry.gov.au for further information.

Recommended for you

Child plays behind the door of a fridge while adult looks around trying to find them

Registration

New Upgrade Facility For Household Refrigerators and Freezers

New Upgrade Facility For Household Refrigerators and Freezers

06 June 2021
A photo of a kitchen with a fridge on the left

Registration

Household Refrigerator and Freezer Energy Efficiency Regulation – Retailer Information

Household Refrigerator and Freezer Energy Efficiency Regulation – Retailer Information

29 July 2021
Digital image of the Energy Rating Label next a checklist document titled 'Requirements' and a series of completed tick boxes and simulated text

Registration

New Auto-Label Generation Facility Available for Labelled Products

New Auto-Label Generation Facility Available for Labelled Products

13 August 2021
Was this page useful?
CAPTCHA