Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [Heads Up] Australian Government and businesses hit by massive cyber attack from ‘sophisticated, state-based actor’

    Scott-MorrisonNews.com.au reported that Australian Prime Minister Scott Morrison has "announced in an urgent press conference called this morning in Canberra, Mr Morrison said the ongoing, "large-scale" hack was being executed by a “sophisticated, state-based cyber actor”.

    “This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters.

    “We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting and the tradecraft used. Regrettably, this activity is not new. Frequency has been increasing.”

    Mr Morrison said the Australian Cyber Security Centre has been “actively working with targeted organisations to ensure that they have appropriate technical mitigations in place and their defences are appropriately raised”.

    Asked which nation was suspected to be behind the attack, Mr Morrison said the “threshold for public attribution on a technical level is extremely high” and that Australia “doesn't engage lightly in public attributions”.

    “When and if we choose to do so is always done in the context of what we believe to be in our strategic national interests,” he said.

    “What I can confirm is there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities.” Mr Morrison would not be drawn on whether China was behind the attack. “I can only say what I have said,” he said. An important part of these attacks were launched through spear phishing campaigns.

    Key points from Prime Minister Scott Morrison were as follows:
    • We are seeing an exponential increase in cyber intrusion attempts, that they believe are State sponsored.
    • He reeled off targeted industries, there wasn't many that weren't on there...but Government is clearly underwater with this. A new Cyber Strategy to be released in coming months.
    • The PM emphasised that cyber attacks are ongoing, not new, and a constant threat.
    • No specific Government data breach to report at this moment
    • Today's announcements are all about increasing 'awareness' and he emphasised this twice....
     
    The Minister for Defence Linda Reynolds listed the 3 things that organisations must do now:
    • Patch software and all web facing and email servers
    • Ensure you have MFA
    • Become a member of the Australian Cyber Security Centre

    We can add to the above items that stepping your employees through new-school security awareness training is a must to improve awareness and we are ready to help any Australian organization to get this deployed ASAP. We suggest you start with a free phishing security test that shows the current Phish-prone percentage of your staff and is a great way to establish your initial baseline.  Source.

     

    Return To KnowBe4 Security Blog

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    PST ResultsHere's how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry

    Go Phishing Now!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/phishing-security-test-offer

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews