Australia cyber attacks torrent prompts release of new guidance as authorities shore up national defenses

Night Map of Australia with City Lights Illumination
(Image credit: Getty Images)

The Australian Cyber Security Centre (ACSC) has published fresh guidance on how high value targets can improve their cyber security after a series of high profile attacks in the region sparked action from authorities.

The ‘practical cyber security tips for business leaders’ guidance issued by the ACSC includes advice on how organizations can secure devices, accounts, and social media and communications channels, and what to do if they believe they have been compromised.

The key practical tips provided in the new guidance includes enabling multi-factor authentication (MFA), updating and patching software, applications, and operating systems regularly, and backing up important files.

Using separate work and personal devices and accounts is equally important in order to ensure sensitive information does not end up on unsecured devices.

The ACSC also advises users to only install software from trusted sources and allow these apps the minimal level of permissions required to run as extra InfoSec precautions.

The new guidance from Australia’s cyber security agency comes right after the full list of institutions affected by the country’s largest ever government data breach was published.

In April 2023, Australia’s largest commercial law firm HWL Ebsworth suffered a cyber attack that saw over 2.5 million documents stolen from the company’s database.

The affected organizations included 65 government agencies such as the national postal service, the Tax Office, and the Departments of the Prime Minister and Cabinet, Foreign Affairs and Trade, and Home Affairs.

Ransomware group ALPHV, also known as BlackCat, claimed responsibility for the attack and later published almost half of the stolen documents on the dark web.

Other major cyber incidents in the region include an Australian travel agency, Inspiring Vacations, suffering a data breach that saw a 26.8 GB database storing the personal information of thousands of tourists publicly exposed.

RELATED RESOURCE

A whitepaper from SecurityScorecard on how to best mitigate third party risk

(Image credit: SecurityScorecard)

Discover the seven steps financial institutions need to follow to prepare for DORA

DOWNLOAD NOW

The database, containing passport numbers and other similarly sensitive PII, was inexplicably lacking any protections such as authentication layers or password restrictions.

Recordings of proceedings from Australia's Victoria State court system over the month of November in 2023 were also exposed in an extortion attack suspected to be orchestrated by a Russian hacking group using the Qilin ransomware strain.

In his foreword for Australia’s Annual Cyber Threat Report in November 2023, deputy prime minister Richard Marles said increased economic, military, strategic, and diplomatic competition in the Indo-Pacific region was driving cyber attacks on domestic organizations.

“Australian governments, critical infrastructure, businesses and households continue to be the target of malicious cyber actors,” he said. “This report illustrates that both state and non-state actors continue to show the intent and capability to compromise Australia’s networks.”

Speaking to ITPro, Javvad Malik, lead security awareness advocate at cyber security company KnowBe4, said the flurry of attacks on Australian organizations should not necessarily be interpreted as an indictment on the country’s cyber readiness, but that efforts to improve the security culture of citizens are vital in mitigating the impacts of attacks nonetheless.

“It's probably an unfair assertion to claim that the Australian government is somehow failing in its efforts, but rather they are being targeted more than previous,” he said.

“This will happen with any organization, so preparation is critical. Creating a culture of security is a vital aspect of this so that organizations are not only protected, but also resilient to attacks and can recover quickly.”

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.