Top Secret Data Stolen From Australian Defence Contractor

It has been reported that the Australian Signals Directorate (ASD) was alerted by a “partner organisation” that an attacker had gained access to the network of a 50-person aerospace engineering firm that subcontracts to the Department of Defence. The attack was said to have happened in November 2016. Javvad Malik, Security Advocate at AlienVault commented below.

Javvad Malik, Security Advocate at AlienVault:

Javvad Malik“This incident highlights fundamental security errors. Leaving internet-facing devices exposed with default credentials is a guaranteed way to be compromised quickly.

Furthermore, the lack of any threat detection capabilities missed the attack coming in and exfiltrating a large amount of data.

While many enterprises may sometimes worry about advanced attacks, more often than not, tightening up security fundamentals, changing default credentials, managing assets, and monitoring for intrusions and threats is sufficient to deter or detect the majority of attacks.”

Subscribe
Notify of
guest

0 Expert Comments
Inline Feedbacks
View all comments
Information Security Buzz
0
Would love your thoughts, please comment.x
()
x