• +61 (0) 8 6388 8059
  • Mon - Fri 09:00 - 17:00 AWST

Australian Government & Businesses are under cyber attack!

SenseICT has been advised of the following by the Australian Cyber Security Center via Stay Smart Online.

 

What’s happened?

The Australian Government is aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.

A range of tactics, techniques and procedures are being used to target multiple Australian networks. It’s important that Australian companies are alert to this threat and take steps to enhance the resilience of their networks. Cyber security is everyone’s responsibility.

What your IT managers can do

The ACSC has produced the following technical advice for Information Technology managers: Advisory 2020-008: Copy-paste compromises – tactics, techniques and procedures used to target multiple Australian networks.

The advice includes the following mitigation strategies to help reduce the risk of compromise to your systems:

1. Prompt patching of internet-facing software, operating systems and devices

All exploits utilised by the actor in the course of this campaign were publicly known and had patches or mitigations available. Organisations should ensure that security patches or mitigations are applied to internet-facing infrastructure within 48 hours. Additionally organisations, where possible, should use the latest versions of software and operating systems.

2. Use of multi-factor authentication across all remote access services

Multi-factor authentication should be applied to all internet-accessible remote access services, including:

  • web and cloud-based email
  • collaboration platforms
  • virtual private network connections
  • remote desktop services.

More information

While no single mitigation strategy is guaranteed to prevent cyber security incidents, implementing the ACSC’s Essential Eight provides baseline protection.

If you have been a victim of a cybercrime, go to ReportCyber and report it.

For advice with a cyber-security incident, email This email address is being protected from spambots. You need JavaScript enabled to view it..

Should you need any assistance from SenseICT please don't hesitate to contact us via our Contact Page or via 08 63 888 059 during business hours.

Sign up for Stay Smart Online alerts by clicking here! They're free!