News.com.au reported that Australian Prime Minister Scott Morrison has "announced in an urgent press conference called this morning in Canberra, Mr Morrison said the ongoing, "large-scale" hack was being executed by a “sophisticated, state-based cyber actor”.
“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters.
“We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting and the tradecraft used. Regrettably, this activity is not new. Frequency has been increasing.”
Mr Morrison said the Australian Cyber Security Centre has been “actively working with targeted organisations to ensure that they have appropriate technical mitigations in place and their defences are appropriately raised”.
Asked which nation was suspected to be behind the attack, Mr Morrison said the “threshold for public attribution on a technical level is extremely high” and that Australia “doesn't engage lightly in public attributions”.
“When and if we choose to do so is always done in the context of what we believe to be in our strategic national interests,” he said.
“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities.” Mr Morrison would not be drawn on whether China was behind the attack. “I can only say what I have said,” he said. An important part of these attacks were launched through spear phishing campaigns.
- We are seeing an exponential increase in cyber intrusion attempts, that they believe are State sponsored.
- He reeled off targeted industries, there wasn't many that weren't on there...but Government is clearly underwater with this. A new Cyber Strategy to be released in coming months.
- The PM emphasised that cyber attacks are ongoing, not new, and a constant threat.
- No specific Government data breach to report at this moment
- Today's announcements are all about increasing 'awareness' and he emphasised this twice....
- Patch software and all web facing and email servers
- Ensure you have MFA
- Become a member of the Australian Cyber Security Centre
We can add to the above items that stepping your employees through new-school security awareness training is a must to improve awareness and we are ready to help any Australian organization to get this deployed ASAP. We suggest you start with a free phishing security test that shows the current Phish-prone percentage of your staff and is a great way to establish your initial baseline. Source.