This morning, Prime Minister Scott Morrison advised that the Australian government and Australian businesses are currently subject to sustained cyber-attacks by a sophisticated, foreign “state-based” hacker. 
All levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure are being targeted. Although at this stage there does not appear to be any “large scale” breaches of personal data, it is important that all businesses and organisations review their cybersecurity mitigation strategies to ensure they are adequately protected from cyber-attacks.
Mr Morrison urged all organisations, particularly “those in the health, critical infrastructure and essential services to take expert advice and implement technical defences to thwart this malicious cyber activity”.
The Australian Cyber Security Centre’s Advisory 2020-008 details the tactics, techniques and procedures (TTPs) identified during the ACSC investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework. The MITRE ATT&CK framework is a curated knowledge base of 11 tactics and hundreds of techniques that attackers can leverage when compromising enterprises and Government organisations.
The title ‘Copy-Paste Compromises’ is derived from the actor’s heavy use of proof-of-concept exploit code, web shells and other tools copied almost identically from open source.
Specifically intended for critical infrastructure organisations and SCADA users, Agilient is hosting an important webinar on Thursday 25 June at 9am (AEST) with international experts Chris Blask (Unisys) and Brandon Witte (Sightline). The webinar will address the challenges associated with new IoT technologies, and how to link them securely with legacy hardware and software systems.
Click here for more information and to register for this timely event.
Agilient is one of Australia’s leading security consultancies, assisting clients to solve complex risk and security challenges such as the current significant cyber-threat and cybersecurity attacks.