Australia’s lead cyber agency has issued a warning to Australian organisations that a wave of cyber attacks on Ukraine and NATO countries could spill over in coming months. The Australian Cyber Security Centre (ACSC) is urging businesses not to be complacent as Russian attacks escalate. 2022-02: Australian organisations should urgently adopt an enhanced cyber security posture | Cyber.gov.au
As reported by the ABC News Russian cyber attacks could inadvertently hit Australia, warns government cyber agency – ABC News, Russian linked criminal gangs might be encouraged to target all sorts of Western targets, prompting a possible surge in ransomware and other attacks across the globe. Home Affairs Minister Karen Andrews warned Russia may hit Australian critical infrastructure through cyber-attacks.
Both governments and businesses must prepare for the likelihood that cyber attacks will increase further if the situation in Ukraine continues to escalate.
We encourage you to pass this communication to your employees and remind them to focus their awareness of cyber security related risks such as:
- Guidelines for Personnel Security | Cyber.gov.au
- IT Cybersecurity Professionals Training | Fortinet
- Executive Security Awareness | Salesforce Trailhead
If you are an Acurus SOC customer please be informed that Acurus will be performing proactive threat hunting focusing on areas as advised by the ACSC starting this weekend, and continuing until further notice. As per ACSC guidelines Acurus SOC will be performing additional review and focus on:
- AD configuration changes.
- Abuse of delegated privileges and service principles in Azure.
- Active Directory Federation Services (ADFS) changes.
- Consider conditional access policies to prevent login events from unusual locations, including TOR.
We will provide an additional update on our forward position early next week as more government advice is provided.
If you are concerned about your organisations cyber security posture please contact us for a discussion.