The Australian Cyber Security Centre (ACSC) has discovered that Australian organisations are currently being targeted by a sophisticated state-based cyber actor.
Announced by the Prime Minister, Scott Morrison the cyber-attack is targeting Australian organisations across a range of sectors, including all levels of Government, industry, political organisations, education, health, essential service providers, and operators of critical infrastructure.
“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used,” Mr Morrison said.
“The Australian Government is aware of and alert to the threat of cyber-attacks,” he said.
“All Australian organisations who might be concerned about their vulnerability to sophisticated cyber compromise can take three simple steps to protect themselves.”
Mr Morrison’s three-steps to protection were to patch internet facing devices promptly; ensure they use multifactor authentication to secure internet accessible infrastructure and cloud-based platforms; and become an ACSC partner to receive the latest cyber threat advice so they could take action early.
He said the ACSC and the Department of Home Affairs had published a more detailed technical advisory for Australian businesses and organisations to protect themselves.
“The ACSC has also been actively working with targeted organisations to ensure that they have appropriate technical mitigations in place and their defences are appropriately raised,” he said.
Mr Morrison said the Government was encouraging organisations, particularly those in health, critical infrastructure and essential services, to take expert advice, and implement technical defences to thwart the malicious cyber activity.
The ACSC and the Department of Home Affairs’ technical advisory can be accessed at this PS News link.