Cyber attacks targeting Australian Government and businesses
The Australian Government has advised that they are aware of and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.
The Australian Government has advised that they are aware of and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The cyber attacks are targeting a range of sectors, including all levels of government, education, health, essential service providers and operators of other critical infrastructure.
What is happening?
The attacks are being referred to as ‘Copy-paste compromises’. The title is derived from the actor’s heavy use of proof-of-concept exploit code that is copied almost identically from open source code. The actor is utilising various spearphishing techniques in the form of:
- Links to credential harvesting websites
- Emails with links to malicious files, or with malicious files directly attached
- Links prompting users to grant Office 365 authentication tokens to the actor
- Use of email tracking services to identify the email opening and lure click-through events
Once the actor has gained initial access, they are utilising a variety of tools to persist on, and interact with, the victim network.
How you can protect your business
Install updates and patches
The exploits utilised by the actor are publicly known and have patches available. Organisations must ensure that updates and security patches are installed on all internet-facing software, operating systems and devices as soon as possible.
Use Multi-Factor Authentication
Multi-Factor Authentication (MFA) should be applied to all internet-accessible remote access services. This includes:
- Web and cloud-based email
- Collaboration platforms
- Virtual private network connections
- Remote desktop services
MFA creates a layered defence, making it more difficult for an unauthorised person to access a device or network. It will help protect your business, even if a password has been compromised through an attack. Find out more about how MFA with onPlatinum can protect your business.
For more information on the cyber attacks, head to the Australian Cyber Security Centre website.
To protect your business, contact the team at onPlatinum today.