How To Reduce the Risk of a Cyber Attack in your Business

Share on facebook
Share on twitter
Share on linkedin
Share on pocket
Reduce risk of a Cyber Attack

On Friday 19 June 2020, the Australian Prime Minister Scott Morrison announced that Australia was in the midst of a cyber attack targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.

He confirmed that Australian organisations were being targeted by a “sophisticated state-based cyber-actor” because of the scale and nature of the targeting and the tradecraft used.

As well as unsuccessfully attempting to exploit public-facing infrastructure, the Australian Cyber Security Centre (ACSC) identified the use of various ‘spearphishing’ techniques taking the form of:

  • links to credential harvesting websites
  • emails with links to malicious files, or with the malicious file directly attached
  • links prompting users to grant Office 365 OAuth tokens to the actor
  • use of email tracking services to identify the email opening and lure click-through events.

Once this initial access was achieved, the actor could then utilise a mixture of open source and custom tolls to persist on and interact with the victim network, even migrating to legitimate remote access using stolen credentials.

How Your Business Can Respond

It’s important that Australian companies are alert to this threat and take steps to enhance the resilience of their networks. The ACSC recommends the following:

1. Promptly patch internet-facing software, operating systems and devices

Every exploit undertaken by this cyber attack was publicly known and had patches or mitigations available. You should ensure that security patches or mitigations are always applied to internet-facing infrastructure within 48 hours. You should also use the latest versions of software and operating systems.

2. Use multi-factor authentication across all remote access services

Multi-factor authentication should be applied to all internet-accessible remote access services, including:

  • web and cloud-based email
  • collaboration platforms
  • virtual private network connections
  • remote desktop services.

How to Reduce the Risk of a Cyber Attack in Your Business

With cyber attacks against business becoming more and more common, there are many things you can (and should!) do to prepare your business.

Develop A Cyber Security Strategy

Work with your trusted IT provider or internal IT cyber security specialists to develop a scalable and customised cyber security strategy to protect your business.

Implement the Essential Eight

The ACSC has a prioritised list of mitigation Strategies to Mitigate Cyber Security Incidents to assist organisations in protecting their systems against a range of adversaries. These strategies can be customised to fit your business requirements.

While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, can be incorporated into your cyber security strategy.

Educate Your Staff

Ensure your staff is educated about good cyber security practices, such as recognising phishing emails and detecting socially-engineered messages.

Implement Secure Remote Work Cyber Security Measures

With more and more staff working from home in Australia, cyber criminals are taking advantage of vulnerabilities arising from the use of remote access technologies. This means it’s essential to incorporate good cyber security measures into your contingency and business continuity planning.

Implementing a proactive and robust cyber security strategy can be more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident.

Contact Surety IT today for expert advice on developing and implementing an effective cyber security strategy for your business.

How to Report an Incident

If you have indications that your environment has been compromised, contact the ACSC by emailing asd.assist@defence.gov.au or calling 1300 CYBER1 (1300 292 371).

Further Reading

How To Implement Secure Video Conferencing in Your Business

How to Defend Yourself Against a Social Engineering Attack

10 Tips for Educating Employees about Cyber Security

Cyber Security and COVID-19 Business Contingency Planning

About the author:

Geoff Stewart

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.

Scroll to Top