• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Australian Businesses Targeted in Russian State-Sponsored Cyber-Attacks

You are here: Home / General / Australian Businesses Targeted in Russian State-Sponsored Cyber-Attacks
Australian Businesses Targeted in Russian State-Sponsored Cyber-Attacks
Australian Businesses Targeted in Russian State-Sponsored Cyber-Attacks

Russian hackers have found their way into the media yet again after the Australian Defence Minister, Marise Payne, has revealed that Russian government-sponsored attacks have allegedly targeted the network devices of up to 400 Australian businesses.

The attacks targeted enterprise-class, SOHO and residential routers and switches used in businesses worldwide, supposedly to perform man-in-the-middle attacks to extract sensitive information from victims such as passwords, intellectual property and other confidential information.

The US government has been receiving information since 2015 that cyber-attacks have been targeting routers and switches all over the world and have assessed that the attacks have been carried out by Russian government-supported actors.

The attacks targeted Cisco routers that were using the “Smart Install” functionality. Smart Install is used to increase the installation speed of Cisco network switches by enabling “zero touch deployment” where a switch can be placed in the network and powered on without configuring the device manually. This feature is controlled by a centralised router that, in recent weeks, has been found to have a number of vulnerabilities that can be exploited in remote code execution and denial-of-service attacks.

Cisco has published an advisory on the actions required to check if Smart Install is in use as well as how to secure the feature if it has been found to be in use. It is highly recommended to consult the advisory if your organisation uses, or is planning to use Cisco devices in their network to ensure the safety of your organisation’s data. The advisory can be found here.

All organisations should ensure their networks are secure through the use of secure routers, switches, firewalls and intrusion detection systems (IDS). However, it is important to ensure that the network devices themselves are securely configured, and patched.

Attacks on network devices are becoming increasingly common as many organisations fail to consider device vulnerability if improperly configured.

If a critical network device is compromised, a potential attacker has direct access to all data traversing the device. They can monitor, modify, deny and capture any traffic passing through it and as many organisations still have insecure internal networks, this can be easily accomplished and can have disastrous effects.

To mitigate these threats, it is highly recommended that all internal data streams and storage be encrypted. Data should be secured at all times, even when being transmitted in an organisation’s internal network. It is also recommended that all network devices have the latest firmware and operating systems available. Many small updates include critical security patches.

For assistance in protecting your organisation from malware and other threats, please contact the enterprise security specialists from Agilient.

Tweet
Share

General

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692