Major Cyber Attack on Australia - in Plain English

Yesterday’s (19th June 2020) announcement from the PM about a major Cyber Attack on Australia has many businesses confused and concerned. Here is a summary in plain English.

 

WHAT HAPPENED?

 

The Australian Cyber Security Centre (ACSC) detected a new type of hacking attempt. This is not unusual, but this one raised the alarm because there was evidence that it was run by a foreign government and that the attackers had taken over legitimate, well-known Australian websites, company servers, and email accounts.

 

HOW DID THEY DO IT?

 

First, the hackers tried to take control of a website or server by using a mix of known vulnerabilities. If they couldn’t get into the website or server, they fell back on sending phishing emails to employees of the targeted company; some employees clicked on them, which gave the hackers access.

 

WHAT DOES THIS MEAN?

 

If a website, server, or email account was compromised, the hacker is using their access to browse the network and look for valuable information that they can use to benefit the country they are working for.

 

WHAT DO I NEED TO DO?

 

1. Make sure your websites, company portals, servers, firewalls, and routers are fully patched with the latest update.

2. Set up Multi-Factor Authentication (MFA) on your email account and any website you use. With MFA, a code is sent to your phone when you log in, so even if the hacker knows your username and password they won’t be able to log in without the code sent to your mobile.

 

HOW CAN I CHECK IF I HAVE BEEN HACKED?

 

There is a long list of things to check on a technical level, which can be downloaded from the ACSC website. At the most basic level, you can search your emails for anything from the following senders and ensure that you haven’t clicked on the link or attachment:

 

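The sender check described above can be run over a mailbox export with a short script rather than by hand. This is an added example, not part of the original post or the ACSC advisory; the addresses and messages in it are constructed placeholders, and the real sender list should be taken from the advisory. It also checks the Reply-To and Return-Path headers, because the name shown in the From line can hide the real address.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed placeholder indicators; load the real list from the ACSC advisory.
SUSPECT_SENDERS = {"sender.one@example.com", "sender.two@example.net"}

# Headers that can carry the address a message came from or a reply goes to.
SENDER_HEADERS = ("From", "Sender", "Reply-To", "Return-Path")

# Constructed sample messages standing in for a mailbox export.
SAMPLE_MESSAGES = [
    "From: Accounts <accounts@example.org>\nTo: staff@example.org\n"
    "Subject: Invoice\n\nPlease see attached.\n",
    "From: \"IT Helpdesk\" <Sender.One@Example.com>\nTo: staff@example.org\n"
    "Subject: Password expiry\n\nClick the link to keep your password.\n",
    "From: HR <hr@example.org>\nReply-To: sender.two@example.net\n"
    "To: staff@example.org\nSubject: Survey\n\nOpen the attachment.\n",
]


def sender_addresses(raw_message):
    """Return the parsed message and every sender-related address, lowercased."""
    msg = message_from_string(raw_message)
    found = set()
    for header in SENDER_HEADERS:
        for _name, addr in getaddresses(msg.get_all(header, [])):
            # Ignore the display name: only the real address is compared.
            if addr:
                found.add(addr.strip().lower())
    return msg, found


def find_suspect_messages(raw_messages, suspects):
    """List (subject, matched addresses) for messages tied to a suspect sender."""
    suspects = {s.lower() for s in suspects}
    hits = []
    for raw in raw_messages:
        msg, addrs = sender_addresses(raw)
        matched = sorted(addrs & suspects)
        if matched:
            hits.append((msg["Subject"], matched))
    return hits


if __name__ == "__main__":
    for subject, matched in find_suspect_messages(SAMPLE_MESSAGES, SUSPECT_SENDERS):
        print(f"REVIEW: {subject!r} matched {', '.join(matched)}")
```

Any message this reports should be handed to your IT provider along with a note of whether its link or attachment was opened.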

 

WHAT CAN I DO IF I THINK I HAVE BEEN HACKED?

 

First, don’t panic! Contact your IT provider and let them know that you suspect you have been hacked and explain why. If you don’t have a current IT Managed Services Provider, reach out to our team at HD IT on 1300 688 020, or support@hdit.com.au for help.

 

HOW CAN I PROTECT MYSELF AND MY BUSINESS FROM FUTURE CYBER ATTACKS?

 

Simple steps include:

  1. Enable Multi-Factor Authentication on your email and website accounts.

  2. Have a good email filtering service in place that protects you from Phishing emails. Office 365 Advanced Threat Protection (ATP) is a good start.

  3. Ensure your servers and emails (including Office 365) are backed up. Look at Datto SaaS Protection.

  4. Have a strong business-grade Anti-Virus solution in place that has an EDR feature. EDR lets you quickly and easily search your systems for signs of compromise. Sophos Intercept-X Advanced with EDR is the best we have used.

  5. Protect your business network with a Next Generation Firewall. This will block all known and unknown threats based on behaviour. Sophos XG Firewalls are proven to be extremely effective and comprehensive.

  6. Patch/update your servers, computers, mobile devices, and network equipment regularly. These hackers used old, known vulnerabilities, which are fixed if your systems are patched.

  7. Educate your team and create a vigilant, security-conscious company culture by running regular phishing email tests. Sophos PhishThreat is a simple and effective tool for this that includes short and effective training clips.

 

Engaging a professional IT Managed Services Provider like HD IT is always the best step as they will ensure that your systems are always up-to-date, secured, and monitored. At the very least, you should be working with your IT provider to have the Government’s Essential 8 security recommendations in place for your business. The Essential 8 will provide a good baseline level of protection for you and your business.

© 2020 HDIT