This week the Federal Government issued a new threat advisory, based on an escalation of international tensions.
https://www.cyber.gov.au/acsc/view-all-content/advisories/2022-02-australian-organisations-should-urgently-adopt-enhanced-cyber-security-posture
The fear is that certain countries may use offensive Cyber actions against Government Departments, infrastructure or businesses to intimidate NATO and other countries from interfering in their current kinetic operations. It is assessed that Australia is a large enough target to matter, but not directly connected, so less likely to lead to escalating the conflict.
Important actions to improve your business Cyber Resilience:
Review the last time that a trial restore was completed. This is critical and one that is fairly cheap to fix if there are any issues. We recommend quarterly or 6 monthly trial restores.
Review your Disaster Recovery / Business Continuity plan. More complicated, but well worth the effort, with some customers leveraging their DR investment as they moved to Work From Home during lockdowns.
Ensure Multi-Factor Authentication is turned on wherever possible. This is a bit of a pain, but it stops a large number of attacks. Most successful attacks on our customers would have been defeated by MFA and we see it as essential.
Review your email phishing training for staff. Staff clicking on phishing likes creates issues for the business and a huge amount of stress for the team member knowing their actions have put the business at risk. Some customers get us to run simulated attacks to educate all users which over times reduce the number of people clicking on fraudulent emails.
Review the Australian Cyber Security Essential 8 Framework. We are working through this framework with a range of customers. It takes time and effort but provides a lot more resilient network.
Implement the specific recommendations in the alert. Most of our customers with a Sophos router are already blocking a range of IP addresses and our phishing awareness training helps customers with avoiding spearphishing.
https://www.cyber.gov.au/acsc/small-and-medium-businesses/acsc-small-business-guide
We have been working with customers across a range of activities.
Providing advice on DR/BC planning.
Conducting internal security scans to identify vulnerabilities in networks.
Installing Multi-Factor Authentication across a range of online services that customers are using.
Working on implementing Essential 8, NIST or ISO 27001 standards.
We will be continuing to monitor the general situation and the Australian Cyber Threat over the weekend and through next week. We are one of the few IT companies with a trained cyber Security expert on the team, with one of us having passed the certification process for the Certified Ethical Hacker examination. This guides our actions in helping our customers identify, protect, detect, respond and recover from Cyber incidents.
Whether this week’s news results in cyber attacks on Australian businesses or not, it is a good time to review your business’s cyber resilience as the strategic situation deteriorates and the threat of cyber attacks is growing.
We plan to run a seminar in March to cover recent Cyberattacks on local businesses and the easiest and cheapest ways to prepare and respond to these incidents. We also produced a podcast around some of the attacks we saw last year. These are actual cyberattacks on local businesses, so have a listen on your favourite podcast player to get an idea of the threat.
https://suntzu4smallbusiness.com/podcasts/26-small-business-it-security-update/
This is a rare example of the ACSC issuing a high alert advisory, highlighting the increased risk to all businesses.
If you have any questions or need help increasing the cyber resilience in your business, please contact the team at Extreme Networks.
Stay safe!