“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters.
“We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting and the tradecraft used. Regrettably, this activity is not new. Frequency has been increasing.”
Mr Morrison said the Australian Cyber Security Centre has been “actively working with targeted organisations to ensure that they have appropriate technical mitigations in place and their defences are appropriately raised”.
Asked which nation was suspected to be behind the attack, Mr Morrison said the “threshold for public attribution on a technical level is extremely high” and that Australia “doesn't engage lightly in public attributions”.
“When and if we choose to do so is always done in the context of what we believe to be in our strategic national interests,” he said.
“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities.” Mr Morrison would not be drawn on whether China was behind the attack. “I can only say what I have said,” he said. An important part of these attacks were launched through spear phishing campaigns.
We can add to the above items that stepping your employees through new-school security awareness training is a must to improve awareness and we are ready to help any Australian organization to get this deployed ASAP. We suggest you start with a free phishing security test that shows the current Phish-prone percentage of your staff and is a great way to establish your initial baseline. Source.