State-based actor targets Australian government and business in major cyber attacks: Scott Morrison addresses the public
Citing an incident pertaining to attacks against Australian government that are decisively from a state-based actor, Scott Morrison demonstrates that the need to raise this issue is not bought on from this or any particular attack, but ongoing cybersecurity threats that Australia, as well as many other nations, are consistently facing.
And based on recent years, this couldn’t be truer. Australians have fallen victim to a plethora of cybersecurity attacks, ranging from the day-to-day scams that target individuals and Australian small businesses, through to large-scale cyberattacks against infrastructure and large businesses.
Morrison mentions sophisticated state-based cyber attacks targetting critical infrastructure, the private sector, and all levels of the Australian government, and for each of these identifiers, we don’t need to look far back for matching examples of significant data breaches within Australia.
Private Sector: Toll Group suffers multiple high-impact ransomware incidents throughout 2020.
Critical Infrastructure: Victorian regional hospitals suffer crippling ransomware attacks, causing days of limited capacity and halted services.
Australian Government: Australian Parliament identifies a foreign government hack targetting Australian Parliament’s servers.
Morrison affirms his intention in bringing this topic to the public is not to raise concern, but to raise awareness; which is repeatedly shown to be the key factor in preventing human error and mitigating cyber-risk.
And while it is currently unclear as to who the state actor launching the attack(s) in concern is, there are a few key measures any individual or business can take to ensure their own safety regardless:
- As the Minister of Defence highlighted, it’s critical to update to internet-facing devices and apps. What does this mean? In short, stop snoozing update reminders! By updating your software (apps) and devices, you can ensure that new security fixes are kept up-to-date.
- Use two-factor authentication. I might sound like a broken record to my regular readers, but two-factor is arguably the strongest security improvement you can immediately put into effect. For more details on setting it up, read here.
- Raise awareness for yourself and your colleagues. It’s a well-known fact that over 60% of data breaches occur as a result of human error. It’s critical to train yourself and your colleagues on Cyber Awareness as to ensure that a simple mistake doesn’t lead to an irrecoverable loss.