How To Reduce the Risk of a Cyber Attack in your Business

Share on facebook
Share on twitter
Share on linkedin
Share on pocket
Hooded cyber criminal standing in front of electronic screen

On Friday 19 June 2020, the Australian Prime Minister Scott Morrison announced that Australia was in the midst of a cyber attack targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.

He confirmed that Australian organisations were being targeted by a “sophisticated state-based cyber-actor” because of the scale and nature of the targeting and the tradecraft used.

As well as unsuccessfully attempting to exploit public-facing infrastructure, the Australian Cyber Security Centre (ACSC) identified the use of various ‘spearphishing’ techniques taking the form of:

  • links to credential harvesting websites
  • emails with links to malicious files, or with the malicious file directly attached
  • links prompting users to grant Office 365 OAuth tokens to the actor
  • use of email tracking services to identify the email opening and lure click-through events.

Once this initial access was achieved, the actor could then utilise a mixture of open source and custom tolls to persist on and interact with the victim network, even migrating to legitimate remote access using stolen credentials.

How Your Business Can Respond

It’s important that Australian companies are alert to this threat and take steps to enhance the resilience of their networks. The ACSC recommends the following:

1. Promptly patch internet-facing software, operating systems and devices

Every exploit undertaken by this cyber attack was publicly known and had patches or mitigations available. You should ensure that security patches or mitigations are always applied to internet-facing infrastructure within 48 hours. You should also use the latest versions of software and operating systems.

2. Use multi-factor authentication across all remote access services

Multi-factor authentication should be applied to all internet-accessible remote access services, including:

  • web and cloud-based email
  • collaboration platforms
  • virtual private network connections
  • remote desktop services.

How to Reduce the Risk of a Cyber Attack in Your Business

With cyber attacks against business becoming more and more common, there are many things you can (and should!) do to prepare your business.

Develop A Cyber Security Strategy

Work with your trusted IT provider or internal IT cyber security specialists to develop a scalable and customised cyber security strategy to protect your business.

Implement the Essential Eight

The ACSC has a prioritised list of mitigation Strategies to Mitigate Cyber Security Incidents to assist organisations in protecting their systems against a range of adversaries. These strategies can be customised to fit your business requirements.

While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, can be incorporated into your cyber security strategy.

Educate Your Staff

Ensure your staff is educated about good cyber security practices, such as recognising phishing emails and detecting socially-engineered messages.

Implement Secure Remote Work Cyber Security Measures

With more and more staff working from home in Australia, cyber criminals are taking advantage of vulnerabilities arising from the use of remote access technologies. This means it’s essential to incorporate good cyber security measures into your contingency and business continuity planning.

Implementing a proactive and robust cyber security strategy can be more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident.

Contact Surety IT today for expert advice on developing and implementing an effective cyber security strategy for your business.

How to Report an Incident

If you have indications that your environment has been compromised, contact the ACSC by emailing asd.assist@defence.gov.au or calling 1300 CYBER1 (1300 292 371).

Further Reading

How To Implement Secure Video Conferencing in Your Business

How to Defend Yourself Against a Social Engineering Attack

10 Tips for Educating Employees about Cyber Security

Cyber Security and COVID-19 Business Contingency Planning

Find out how we can help with your IT challenges.
Talk to us today 1300 478 738 or Email

Subscribe for the latest industry news, updates and advice.

About the author:

Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing.His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow.After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need.His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder.His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top