Organisations have been encouraged to urgently adopt an enhanced cyber security position following the cyber attacks that took place against Ukraine.
The Australian Cyber Security Centre (ACSC) warned that there has been a historical pattern of cyber attacks against Ukraine that have had international consequences. It added that malicious cyber activity could impact Australian organisations through uninterrupted or uncontained malicious cyber activities.
The ACSC advises that organisations should bolster their systems by reviewing and enhancing detection, mitigation, and response measures. They should ensure that logging and detection systems in their environment are fully updated and functioning, and apply additional monitoring of their networks where required.
Organisations should also assess their preparedness to respond to any cyber security incidents, and review incident response and business continuity plans, it added.
The ASCC strongly recommends that businesses implement its “Essential Eight” baseline of cyber security strategies to make it harder for adversaries to compromise systems. They are: application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, emply multi-factor authentication, and carry out regular backups.
“While the ACSC is not aware of any current or specific threats to Australian organisations, adopting an enhanced cyber security posture and increased monitoring for threats will help to reduce the impacts to Australian organisations,” advised the centre.
The ACSC also outlined that organisations may want to look at what other international partner agencies are advising. It suggested they look at the guidance from US' CISA, UK's NCSC, New Zealand’s National Cyber Security Centre, and the Canadian Centre for Cyber Security.
The Ukranian Ministry of Defence was hit by a distributed denial of service (DDoS) attack last week which took its website offline. The ministry stated that its official website had recorded an excessive number of requests per second, leading it to believe it was probably targeted by a DDoS attack. The country’s largest bank, PrivatBank, and the State Saving Bank of Ukraine, Oschadbank, were also reportedly hit by cyber attacks. Although the perpetrators weren’t named, officials from the UK and the US have pointed the finger of blame at Russia's intelligence agency.
This comes after the Ukrainian government’s websites were taken down in another cyber attack in January. Messages appeared warning Ukranians to “be afraid and prepare for the worst”, with foreign and education ministries being targeted, as well as embassies in the UK, US, and Sweden.
-
Latitude Financial's data policies questioned after more than 14 million records stolenNews Some of the data is from at least 2005 and includes customers’ name, address, and date of birth
-
Latitude hack now under state investigation as customers struggle to protect their accountsNews The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
-
IDCARE: Meet the cyber security charity shaping Australia and New Zealand's data breach responseCase Studies IDCARE is recruiting a reserve army to turbocharge the fightback against cyber crime not just in the region, but in the interests of victims all over the world
-
Australia commits to establishing second national cyber security agencyNews The country is still aiming to be the most cyber-secure country in the world by 2030
-
Medibank bleeds $26 million in cyber costs following hackNews The company believes this figure could rise to $45 million for the 2023 financial year
-
TikTok's two new European data centres to address data protection concernsNews The company is under pressure to prove its user data isn’t being accessed by the Chinese state
-
Cyber attack on Australia’s TPG Telecom affects 15,000 customersNews It is the third cyber attack on a major Australian telco since October
-
Telstra blames IT blunder for leak of 130,000 customer recordsNews Australia’s biggest telco said that the error was due to a mismanagement of databases and not a cyber attack
