State-based actor commits cyber attack against Australian organisations
19 June 2020, Written by David Simmons
A sophisticated cyber attack launched by a state-based actor is targeting Australian organisations on a broad scale, according to Prime Minister Scott Morrison.
Speaking to the press this morning the PM disclosed the entity was targeting a variety of Australian organisations across a range of sectors including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure.
The Australian Cyber Security Centre has recommended a number of changes Australian organisations can make to reduce the risk of compromise to their cyber systems.
These include security patches are applied to internet-facing infrastructure within 48 hours, the use of multi-factor authentication across all remote access services, and the implementation of the 'Essential Eight' controls.
The PM declined to disclose which country this cyber-attack came from, emphasising his announcement was not intended to cause alarm but rather to reassure the Australian public of the government's competency in cyber protection.
"The threshold for public attribution on a technical level is extremely high," says Morrison.
"Australia doesn't engage lightly in public attributions, and when and if we choose to do so is always done in the context of what we believe to be in our strategic national interests."
"What I can confirm is there are not a large number of state-based actors that can engage in this type of activity, and it is clear based on the advice that we have received that this has been done step by step, with very, very significant capabilities."
Further, the PM says this attack in particular is not new, rather it has been ongoing for a number of months but has been happening more often lately.
"The frequency has been increasing...over many months," says the PM.
"The purpose of raising this matter here today is to simply raise awareness of these specific risks - they are not new risks, but they are specific risks - and to advise you how Australians, and particularly these organisations, can take action to protect themselves.
The Australian Government has encouraged organisations to visit cyber.gov.au to understand the steps that can be taken to mitigate the threat of the cyber-attack.
The cyber attack announced today by the PM is the latest in a string of attacks launched against Australian companies and organisations, including against the WA Premier Mark McGowan.
In May, the health insurance sector was targeted by a well-known cybercrime group called SeliverTerrirer, taking advantage of COVID-19 confusion.
One of Australia's leading logistics and transport companies Toll was also hit by a ransomware extorsion known as 'Nefilim'. IT systems were shut down once the attack was detected to mitigate the risk of further infection, and Toll notes it has refused from the outset to engage with the attacker's ransom demands.
And beverage giant Lion was embroiled in a cyber crisis after its manufacturing and IT systems was crippled by hackers who demanded a ransom of $1 million.
Business News Australia
Author: David Simmons