Businesses urged to strengthen systems due to Ukrainian conflict.

WARNING FROM ACSC

The Australian Cyber Security Centre (ACSC) has warned Australian businesses to “urgently adopt an enhanced cybersecurity posture” to protect themselves against targeted cybercriminal activity.

These threats could come in the form of denial of service attacks, or in the form of ransomware attacks deployed via phishing emails, an official release from the organisation states.

These attacks, if successful, can put Australian organisations at risk of financial and operational damage.

While ACSC states they are “not aware of any current or specific threats to Australian organisations”, they warn of “a historical pattern of cyber attacks against Ukraine that have had international consequences.“

A very interesting warning to emerge, particularly as Scott Morrison and the mainstream press begin warning that cyber attacks could cause “unintended disruptions across Australia”.

Cybersecurity specialists warn Russia has a history of using cyber attacks to weaken adversaries, including the 2017 “NotPetya” ransomware attack, which targeted Ukrainian companies but spread around the world due to the interconnected nature of modern systems.

Do they know of something on the horizon that we do not?

CYBER ATTACK IN THE WORKS?

Let’s not forget that the World Economic Forum held their ‘Cyber Polygon’ exercise, which gathered technology firms to simulate the possibility of “a targeted supply chain attack on a corporate ecosystem in real time.”

The promotional video for the event at the time is still available on the WEF YouTube Channel:

“A cyber attack with COVID-like characteristics would spread faster and farther than any biological virus. Its reproductive rate would be around 10 times greater than what we’ve experienced with the coronavirus.”
— Klaus Schwab.

Could this ‘conflict’ in the Ukraine region give rise to a ‘sudden, unexpected outage’?

Where could this type of attack potentially hit? Banking institutions? Essential services?

The Office of Australian of the Australian Information Commissioner (OAIC) says Australian businesses and individuals are already under significant siege from cyberattacks, with 55% of the 256 data breaches from July to December 2021 being a result of malicious or criminal attacks. 68% of those were cyber-attacks.

“We’ve seen a steady increase in state-sponsored cyber attacks on Australian critical infrastructure, by domiciled ransomware gangs … in the last six months that are increasingly ideologically aligned with Kremlin talking points,” said Robert Potter, CEO at defence consultancy firm, Internet 2.0.

“Australian businesses need to act now to ensure their cybersecurity posture is in place and up to date to ward off any potential attacks. It’s not a matter of if, but when.”

PROTECT YOUR BUSINESS

The ACSC has published Cyber Incident Response Plan – Guidance & Template to assist organisations to produce an incident response plan.

The ACSC strongly recommends organisations implement the ‘Essential Eight’ mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline.

This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.

The Essential Eight mitigation strategies are:

Application control;
Patch applications;
Configure Microsoft Office macro settings;
User application hardening;
Restrict administrative privileges;
Patch operating systems;
Multi-factor authentication; and
Regular backups.

“Businesses need to take the following steps immediately to ensure their safety.”

A critical step in ensuring enhanced cybersecurity posture has the proper measures to detect, mitigate, and respond to security incidents.

Organisations need the right tools to identify any suspicious activity.

Similar to how physical locations use back-to-base alarm systems, it says businesses can benefit from using cybersecurity consultants (either outsourced or in-house) who can watch over your computers and networks 24/7, 365 days a year.

If suspicious activity is identified, a response team can be launched to mitigate the threat before it becomes a breach or attack. If a breach has already occurred, a team of cybersecurity experts can help businesses recover from any repercussions.

–

Update: We have already seen a ‘big drill’ and ‘some local roadworks’ responsible for the entire state of Tasmania being thrown into a communications blackout for hours this week.

Two fibre-optic cables connecting the state to mainland Australia were cut within the space of two hours on Tuesday, resulting in an outage which lasted over five hours.

Are they normalising the concept of outages caused this easily?

–

Given the ever-changing narratives and constant propaganda from the establishment, one thing is for sure: Expect the unexpected and prepare yourself accordingly.

If you have a business, or even for your own personal use, it is important to gear up and protect your assets.