Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Comment from Australia-based cyber expert on attacks targeting Aus government

June 2020 by Nick Savvides, Director of Strategic Business at Forcepoint

You’ll likely have seen the news this morning that Australia’s government and institutions are being targeted by ongoing sophisticated state-based cyber hacks. Nick Savvides, Director of Strategic Business at Forcepoint:

“The address by Australia’s Prime Minister and Defence Minister is a timely reminder that cyber-security is a serious issue and affects every aspect of Australian life. Everybody has a role to play in keeping us safe from cyber-security threats.

Sophisticated threat actors, state-based threat actors, have significant capabilities, and do not rest in their efforts to gain footholds into our systems, applications and data. It is important that governments, businesses and individuals take cyber-security remain vigilant and continue to improve their cyber-security practices.

We have entered a new era of business and government, where cyber-attacks pose an existential threat to business and can cripple the machinery of government.

The address acts also as a signal to the threat actors responsible that the government and some in the private sector are aware of the attacks, interestingly two specific controls, patching internet facing systems (protecting the edge of networks), enforcing multifactor authentication for users (protecting the users), were specifically called out by the Defence Minister. This indicates that attackers likely operated sophisticated targeted phishing campaigns to capture usernames and passwords from victims and were possibly in possession of 0-day vulnerabilities against systems or used older vulnerabilities on systems that are difficult to patch.

While Australia across has significant capabilities in cyber-security and an active cyber-security community, unfortunately not all organisations are at the same level, with many organisations simply not having right capabilities. We are also struggling with a skills shortage, with unfilled cyber-security roles in every sector, that means many of the skills end up in the top end of town and large departments, leaving small and medium business and government agencies exposed.”




See previous articles

    

See next articles