It has been reported that Australia is currently the target of a “sophisticated” cyber attack – and an unnamed foreign government is behind it. Scott Morrison, the country’s prime minister, says the attacks have targeted all levels of the government – as well as political organisations, essential service providers and operators of other critical infrastructure. “We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting,” he said at a news conference.
Experts Comments
Australia like other advanced nations has strong security measures that provide good protection against even the most sophisticated attacks.
While it's good to hear the Australian PM reminding everyone that this sort of state-sponsored attack is constant and pervasive, what he's not telling everyone is that vulnerability to this sort of attack is a question of cost. For the information and systems that really matter - typically those processing Secret classified information - Australia like other advanced nations has strong security measures that provide good protection against even the most sophisticated attacks. But across the.....Read More
Australia, and other states worldwide need to use this as a stark reminder of the importance of protecting their critical infrastructure.
The notion of nation state hacking is not a new phenomenon and in recent months we have seen a drastic increase across the board. Many organisations and, indeed, governments have been under incredible pressure during the outbreak of COVID-19, and many nation-state actors have seen this as a perfect crisis to exploit.
Despite not knowing full details of the culprits behind the cyber-attacks on Australia, one thing is certain. No organisation is exempt. The attacks have spanned across various.....Read More
We need to collectively find ways of raising the cost of cyber-attacks by China and other states.
The technical details of the attack issued by the Australian Government point to China as a likely state actor. Although the techniques and vulnerabilities exploited are not new, the scale, sophistication and targeting are consistent with Chinese cyber-attacks against the Australian parliament, and other organisations and companies in many democratic countries.
Chinese state cyber-attacks of this type are not new but have progressed from large scale and low sophistication to high grade,.....Read More
The information provided in the Australian Government ACSC advisory on this issue is very detailed and provides good guidance.
The announcement on the cyberattacks on Australian institutions is a concerning, but not unexpected, reminder of the level of serious cyber threat activity that occurs in our country and our region. There have been a significant number of high profile incidents reported in Australia in recent times, and this adds another report of significant cyber threat activity to the mix.
The Australian Prime Minister and Minister for Defence do not undertake these sort of briefings lightly, and the.....Read More
Everybody has a role to play in keeping us safe from cyber-security threats.
The address by Australia’s Prime Minister and Defence Minister is a timely reminder that cyber-security is a serious issue and affects every aspect of Australian life. Everybody has a role to play in keeping us safe from cyber-security threats.
Sophisticated threat actors, state-based threat actors, have significant capabilities, and do not rest in their efforts to gain footholds into our systems, applications and data. It is important that governments, businesses and individuals take.....Read More
Threat actors don’t need to develop or pay for zero-day flaws in software.
Many breaches and attacks are accomplished by failing to do the basics - regardless of who the attacker is. The vast majority of breaches and attacks today are the result of known but unpatched vulnerabilities. Threat actors don’t need to develop or pay for zero-day flaws in software. They can simply leverage publicly available exploit code for vulnerabilities that have patches available, honing in on a window of opportunity where organisations have yet to apply these patches. “Now more.....Read More
Organizations can start to turn the table on cyber adversaries by increasing the amount of threat hunting.
Prime Minister Morrison knows that this isn't the first time his country has come under cyber attack, as companies of all sizes in the public and private sector have gone through this drill many times over. We used to say loose lips sink ships, but today loose clicks can sink a company in any industry whether it be in the critical infrastructure, healthcare, retail or banking spaces. Hacking is a game of cat and mouse, and the mouse is getting bigger; it's very motivated to embarrass.....Read More
Nation state actors will hunt for anything which will give them a foothold across the full stack of a network.
Nation state attacks are not uncommon and occur on a continuous basis so it’s interesting that this was highlighted by the Australian government.
There is a general belief that government networks and systems, of which there are thousands, with network the scale of a huge enterprise, are underfunded and less secure than private corporation systems. Nation state actors will hunt for anything which will give them a foothold across the full stack of a network.
The challenge for governments .....Read More
The practice of stealing intellectual property in this way has been going on for a very long time.
The practice of stealing intellectual property in this way has been going on for a very long time. And this highly targeted phishing technique or ‘spear phishing’ is presenting itself as a huge risk to governments and companies across the board. Cybercriminals utilise information from social media profiles, even using advanced technology such as AI to improve the scale and fidelity of threats. This enables them to fine tune phishing emails to look more and more like the real thing, creating .....Read More
The potential impact of an attack on critical national infrastructure should not be understated.
The potential impact of an attack on critical national infrastructure should not be understated. As smart buildings, cities and the Internet of Things become more common, vulnerabilities are growing, and state sponsored attackers are on the lookout for ways in. The lines between cyber and physical are blurring and this raises the stakes for all involved – increasing the likelihood of unintentional escalations and further complicating international relations. With such prospects, it is now the .....Read More
There will undoubtedly be more information coming out in the coming days and weeks as to the specifics of the attackers.
There will undoubtedly be more information coming out in the coming days and weeks as to the specifics of the attackers. The ACSC advisory indicated that the attackers tried to compromise public-facing software, and where that wasn't possible they reverted to spearphishing. While protective actions include advising organisations to patch systems and deploy MFA, it's surprising to see they didn't also recommend user awareness and training, which is a key component of a layered strategy in.....Read More
The risks we face from state actors will only increase as this is the world we live in now.
When our Government institutions, Government Agencies, health and essential industry, education, infrastructure, and the private sector are attacked like this the first question asked is ’how is this possible’. The answer is because the cyber criminals are incredibly sophisticated and no matter how hard we try we are never going to stop them. We all want to know how access was obtained - through phishing, insider threats, ransomware all of which are attributed to human error. Or was access .....Read More
Despite this increased threat, over half of organisations – 55% – don't provide any sort of email security training on a frequent basis.
This alleged cyber-attack is further evidence of the need for businesses to ensure their cybersecurity practices are robust and mitigation measures up-to-date. At Mimecast, our recent State of Email Security report found that 60% of organisations believe it's inevitable that they'll fall victim to an email-based attack over the course of the next year. There is no doubt that such attacks are on the rise at an alarming rate, compounded by the COVID-19 pandemic and the resulting restrictive.....Read More
Cyberattacks are the most used method to root out and steal intellectual property and other valuable or sensitive information.
As cyberthreat actors evolve and gain sophistication, many governments including in Australia have recognised this and are taking steps to address the situation For a start, kudos to the Australian administration for openly communicating the recent attacks. It’s encouraging to see that the relevant authorities are monitoring this closely and have the necessary visibility. Cyberattacks are the most used method to root out and steal intellectual property and other valuable or sensitive.....Read More
Organizations should ensure Telerik UI and other software is updated to the latest version to prevent exploitation of known vulnerabilities.
With the news of compromises of the Australian government and other organizations, many people are concerned about who is behind the activity. I would urge caution in jumping to conclusions about attribution, particularly when there is limited public information. Attribution is particularly challenging for this activity due in part to the adversary’s reuse of open source code, leading to the Australian Cyber Security Centre (ACSC) report title “Copy-Paste Compromises.” The tools mentioned .....Read More
Multiple hit rates increase the velocity of the attack too.
It is vital that it is not just Australian organisations that are on alert to this threat, as the whole world must take steps to enhance the resilience of their networks. Although this is not a direct result of COVID-19, there is an assumption that increased working from home enables such attacks to operate more easily.
The attackers used various spearphishing techniques including links in their cleverly designed emails to target their prey. Spearfishing has a remarkably high success, rate.....Read More
In 2015 an attack on Ukraine’s power grid left 230,000 people without power for up to six hours.
The most alarming element of the multi-faceted cyber-attack launched on Australian organisations is the risk it poses to Australia’s critical infrastructure - the very services on which society depends including our water supply, power grids and telecommunications systems.
Cyber-attacks on businesses are damaging enough, but the impacts of a successful attack on any of these critical services could be catastrophic, such as shutting down the electricity grid.
Critical infrastructure.....Read More
An attack such as we’re seeing illustrates that attackers can discover weaknesses in organizations of all sizes.
Cyber-attacks come in all forms, and the attacker defines the rules of their attack. In this case, the attacker has chosen to disrupt business and governmental activity in Australia. Ignoring speculation on the origins of the attack, its usage of multiple attack vectors makes it more sophisticated than you might experience with a standard phishing or ransomware attack.
The Australian Cyber Security Centre has identified the primary attack mode as an attempted exploitation of the Telerik UI.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Martin Jartelius, CSO , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"We have seen a steady increase in government APT groups over the last decade...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-australia-targeted-by-sophisticated-cyber-attack-by-state-based-actor
Facebook Message
@Martin Jartelius, CSO , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"We have seen a steady increase in government APT groups over the last decade...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-australia-targeted-by-sophisticated-cyber-attack-by-state-based-actor