ACSC warning on increased risk of Cyber attacks on Australian Small Businesses

Feb 25, 2022 | Security

This week the Federal Government issued a new threat advisory, based on an escalation of international tensions.
https://www.cyber.gov.au/acsc/view-all-content/advisories/2022-02-australian-organisations-should-urgently-adopt-enhanced-cyber-security-posture

The fear is that certain countries may use offensive Cyber actions against Government Departments, infrastructure or businesses to intimidate NATO and other countries from interfering in their current kinetic operations. Assessors deem Australia a significant target, but its indirect connection makes it less likely to escalate the conflict.

Important actions to improve your business Cyber Resilience:

Review the last time that a trial restore was completed. This is critical and one that is fairly cheap to fix if there are any issues. We recommend quarterly or 6 monthly trial restores.
Review your Disaster Recovery / Business Continuity plan. More complicated, but well worth the effort, with some customers leveraging their DR investment as they moved to Work From Home during lockdowns.
Ensure Multi-Factor Authentication is turned on wherever possible. Though inconvenient, Multi-Factor Authentication (MFA) prevents numerous attacks; we consider it vital as it thwarts most successful breaches.
Review your email phishing training for staff. Staff clicking on phishing likes creates issues for the business and a huge amount of stress for the team member knowing their actions have put the business at risk. Some customers get us to run simulated attacks to educate all users which over times reduce the number of people clicking on fraudulent emails.
Review the Australian Cyber Security Essential 8 Framework. We are working through this framework with a range of customers. It takes time and effort but provides a lot more resilient network.
Implement the specific recommendations in the alert. Customers using Sophos routers block IP addresses; our phishing training aids in avoiding spearphishing, benefiting our clientele.
https://www.cyber.gov.au/acsc/small-and-medium-businesses/acsc-small-business-guide

We have been working with customers across a range of activities:

  • Providing advice on DR/BC planning.
  • Conducting internal security scans to identify vulnerabilities in networks.
  • Installing Multi-Factor Authentication across a range of online services that customers are using.
  • Working on implementing Essential 8, NIST or ISO 27001 standards.

Continuing into the weekend and next week, we’ll monitor the general situation and the Australian cyber threat closely. We boast a rare asset: a certified ethical hacker on our team, distinguishing us among IT companies for cybersecurity expertise. This guides our actions in helping our customers identify, protect, detect, respond and recover from Cyber incidents.

Whether this week’s news results in cyber attacks on Australian businesses or not, it is a good time to review your business’s cyber resilience as the strategic situation deteriorates and the threat of cyber attacks is growing.

In March, we’ll host a seminar on recent cyberattacks on local businesses and cost-effective strategies for preparation and response. We also produced a podcast around some of the attacks we saw last year. These are actual cyberattacks on local businesses, so have a listen on your favourite podcast player to get an idea of the threat.
https://suntzu4smallbusiness.com/podcasts/26-small-business-it-security-update/

ACSC High Alert advisory

This is a rare example of the ACSC issuing a high alert advisory, highlighting the increased risk to all businesses.

If you have any questions or need help increasing the cyber resilience in your business, please contact the team at Extreme Networks.

Stay safe!

Services & Products We Offer

IT Support Services

The basic network administration to keep your IT systems running smoothly. Our proactive maintenance and ticketing system can make the job of your in house IT person a lot simpler.

Cyber Security

Coupled with our experience in Server management, database and web design, we provide services around Policy and Procedures for security, auditing, and responding to security threats.

Online Marketing

We understand online strategy. We aren’t like most online consultants, we actually build and make money from our online businesses.

IT Managed Services

We implemented a Remote Management and Monitoring service and married that with a ticketing software application, allowing us to integrate and automate a lot of the routine IT support tasks.

MS Power BI And Digital Dashboards

Microsoft Power BI has a significant advantage in visualizing data that we have in our business, making it easy to create a digital dashboard and display it for all of our team to see.

One Page IT Plan

The One Page IT Plan is Australia’s first comprehensive planning tool for SMEs looking to use technology to build a sustainable competitive advantage.

Get Started

Need IT Support?

We’re dedicated to providing proactive IT solutions for your business. Fill up the form and we’ll reach out to you soon!

2 + 12 =