Australian Prime Minister Scott Morrison addressed the Australian people this morning and announced that Australia is currently facing a cyber-attack. In his statement he specified that the attack “hadn’t just started,” implying that attacks had been taking place for some time now. According to his address, the attacks are impacting both government organizations and Australian businesses. While no specific group or nation was accused of carrying out the attacks, it was said that the attack appeared to be “state sponsored,” indicating that attackers who were acting on behalf of a foreign government were responsible. The Australian Cyber Security Centre published an advisory note which indicated that the campaign primarily utilizes Remote Code Execution (RCE) vulnerabilities. The attackers are utilizing these vulnerabilities to run malicious code to steal information as well upload their own tools to the targeted system. According to the advisory, the attackers have been utilizing a spearphishing campaign to target systems when exploiting publicly-facing infrastructure does not work. Targeted systems include Microsoft Internet Information Services, SharePoint servers, and Citrix gateways and servers.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security