Australia targeted by sophisticated cyber attack
19th June 2020
(Source: Stay Smart Online: Alert Priority HIGH - Australian governments and companies targeted by a sophisticated state-base actor)
The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.
A range of tactics, techniques and procedures are being used to target multiple Australian networks. It’s important that Australian companies are alert to this threat and take steps to enhance the resilience of their networks. Cyber security is everyone’s responsibility.
What your IT managers can do
The ACSC has produced the following technical advice for Information Technology managers.
The advice includes the following mitigation strategies to help reduce the risk of compromise to your systems:
Prompt patching of internet-facing software, operating systems and devices
All exploits utilised by the actor in the course of this campaign were publicly known and had patches or mitigations available. Organisations should ensure that security patches or mitigations are applied to internet-facing infrastructure within 48 hours. Additionally organisations, where possible, should use the latest versions of software and operating systems.
Use of multi-factor authentication across all remote access services
Multi-factor authentication should be applied to all internet-accessible remote access services, including:
- web and cloud-based email
- collaboration platforms
- virtual private network connections
- remote desktop services.
More information
While no single mitigation strategy is guaranteed to prevent cyber security incidents, implementing the ACSC’s Essential Eight provides baseline protection.
Find out more on how to become involved in the ACSC Partnership Program.
If you have been a victim of a cybercrime, go to ReportCyber and report it.
For advice with a cyber-security incident, email asd.assist@defence.gov.au.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Disclaimer
This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.
Comments