A cyber-attack on government and private institutions is underway according to Prime Minister Scott Morrison in his announcement last Friday, 19 June.
While cyber-attacks are nothing new, he said that these eries of attempts have been happening over many months and are increasing. Detected by the Australian Cyber Security Centre (ACSC), there is evidence that this hacking attempt is being run by a foreign government and is aiming at attacking email accounts, servers and well-known Australian websites. There was no mention of which country the government believed was responsible, except saying it was a state-based actor with very significant capabilities.
Who is being targeted?
This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
How cyber-attacks happen?
Cyber-attacks occur when hackers try to gain illegal access to data stored on a website, server or network. They will try to take control of the said data by exploiting a mix of known vulnerabilities. If unsuccessful, hackers can resort to sending Phishing emails to the staff of the targeted institution which can give access when clicked.
Once compromised, the hacker can gain access to browse the network and look for valuable information that they can use to benefit the country they are working for.
What can I do to protect my data?
While there’s no single mitigation strategy that prevents cyber-attacks from happening, you can refer to these pointers as a baseline for protection:
- ACSC published their Essential Eight guidelines to assist organisations in protecting their data against attacks. These strategies can be customised based on each organisation’s risk profile and the adversaries they are most concerned about.
- Also recommended by ACSC is setting up multi-factor authentication. This is where a system sends you a one-time code to your registered phone. Only the person who has this code can log in, so even if a hacker knows your username and password, they won’t be able to access your email or website.
- Make sure that your websites, corporate portals, servers, etc are fully patched with the latest update.
These measures alone do not equate to a fully protected organisation and there are many other measures that can also be put in place to ensure a strong cyber defense. When data is our biggest asset, vigilance is key–cyber-attacks don’t only happen to large institutions.
Every business that has a network, handles data and customer information should have a firewall regardless of size. According to a report, over 60 per cent of small businesses don’t survive a cyber-attack.
Thinking of offering a managed security solution to your clients? Hosted Network’s Managed Next-Generation Firewall ensures you have an effective ally against cyber-attacks. Powered by Fortinet, we can deliver not only protection but also visibility, and business continuity shielding your clients against a wide range of sophisticated threats.
Interested? Reach out to your Account Manager or our sales team at email@example.com and/or 1300 781 148 for guidance and information.