Australian organisations should urgently adopt an enhanced cyber security posture
By Adam Goudge.
A few days ago the Australian Cyber Security Centre (ASCS) released advice that in the wake of the Ukraine / Russian conflict that there is an expectation that cyber attacks globally will increase in both volume and severity. There is currently no suggestion that Australia will be targeted by Russian cyber attacks however that could change very quickly and there is no doubt there will be plenty of spillage, state-sponsored cyber attacks by Russia against Ukraine and other countries will certainly be felt here in Australia.
“The ACSC is aware of reporting that threat actors have deployed destructive malware to target organisations in Ukraine. This advisory provides additional [information] to assist organisations to detect destructive malware.
Destructive malware can present a direct threat to an organisation’s daily operations, impacting the availability of critical assets and data.
Australian organisations should continue to maintain vigilance to the threat of ransomware.”
Along with the ACSC we strongly encourage all Australian businesses and individuals to immediately improve their cyber security posture.
The number one thing you can do today to help protect yourself is ensure Multi-factor Authentication (MFA) is enabled for all of your cloud based services. This includes email, cloud storage & accounting systems as well as online banking and other similar services. Any service you use that is accessed via a web page or is marketed as ‘cloud’ should have MFA enabled immediately.
If you don’t know how to do this contact the cloud vendor or call your trusted I.T. partner. Setting up MFA is not a difficult nor time consuming task and while it’s not a panacea for digital attacks it is a very strong deterrent and will stop all but the most determined of attackers. Don’t be complacent about this, now more than ever you need to get on top of your cyber security game.
Adam’s top five things all Australians can do to better protect their digital security
- Use MFA everywhere. It really is that important.
- Keep your devices up to date. And not just your computers either, don’t forget your phones, tablets, video surveillance systems and every other internet connected smart device. Network attacks often start with the weakest link, an out of date smart device has the potential to allow an attacker access to the entire network.
- Install reputable antimalware / antivirus software and don’t forget to keep it up to date.
- Stop using easy to guess passwords. Simple and short passwords are easy to brute-force. Instead use passphrases, for example “IEatToast4Breakfast” is a much better password than “Toast” and it’s just as easy to remember.
- Educate yourself and your staff. Subscribe to this blog here and to ACSC alerts here
For more technical information have a read of this-