During mid-June 2020, the Federal Australian government announced that several government entities and some organisations across a variety of industries were under a state sponsored attack by a foreign government.
Remain calm during cyber attack
Although this was a large scale attack, we want to assure you – cyber attacks are not major, uncommon events. You have reason to remain calm.
As Information Security specialists with over 20 years of experience, we remind all our clients to ensure that basic security processes are in place, prior to identifying and during cyber attack.
The Australian Cyber Security Centre (ACSC) has released an advisory campaign containing recommended mitigations. The ACSC recommends swift patching of all internet-facing infrastructure and operating systems, as well as the use of multi-factor authentication as prioritised measures of mitigation.
In order to take comprehensive precautions, we recommend that all organisations align their security operations with the entirety of ASD Essential 8 controls.
We suggest the following additional measures of protection against cyber attack:
1. Ensure your firewalls rules are secure and block any untrusted connections:
Make sure firewall rules are up to date and blocking all non-essential traffic. As an added layer of protection, ensure there are no legacy rules opening up access to your internal network.
2. Ensure your email protection platform is configured in accordance with best practices and has all necessary features turned on to detect phishing emails.
3. Ensure all your employees are aware of the attack and are vigilant when clicking links in emails they are receiving.
4. Implement active Intrusion Prevention Systems (IPS) feature in your firewalls:
If possible, deploy IPS on critical internal networks to identify any suspicious or malicious activity.
5. Make sure you are collecting all important logs from critical systems:
In the case that Incident Response is required, there should be sufficient data to analyse and contain the attack.