PM Scott Morrison gave a press announcement about it this morning, though it was a bit vague.
The Australian Government is aware of an ongoing & sustained cyber attack targeting Australian government & companies by a sophisticated state-based actor.
They’re using tools to gain access to systems & networks, at which point they add tools & steal credentials.
The attackers are making use of unpatched vulnerabilities in software like Telerik UI, Microsoft IIS, Sharepoint, and Citrix software, but I’m sure they’re targeting other systems as well.
What to do
The main thing here is to make sure your computers and software are up to date, and that your computer has installed all the latest Windows updates.
The attackers are also using spearphishing attacks, where they send emails & links to sites designed to steal your password, they trick you by looking like a login screen so you type in your details.
Be very cautious of unexpected emails or text messages that have a link to a login page.
Double-check where the link goes, and check the address bar to see what you’re really logging into.
Be suspicious of people unexpectedly emailing you Powerpoint files.
Australian Cyber Security Centre is recommending
- Patch any internet-facing software, operating systems, and devices
That means make sure your phone, tablet and computer have all the updates applied.
- Use multi-factor authentication wherever possible
This is where the site sends a code to your phone after you log in to make sure it’s you. You should enable this on your email & any systems that offer it.