We all saw and read the news recently, about one of the most SOPHISTICATED cyber-attacks on Australian political and private sectors!
How could one of the most up-to-date / state-of-the-art institutions, like the Australian Government, fall victim to an attack like this?!
Some would say, they have a much larger surface area to attack, hence being more prone to attacks, but the counter argument should be that they have the resources to help combat said attacks.
But what about the other businesses out there?
What should we do to help prevent an attack?
Update and patch ALL internet-facing softwares, operating systems and devices
All exploits utilised by the actor in the course of this campaign were publicly known and had patches or mitigations available.
Organisations should ensure that security patches or mitigations are applied to internet-facing infrastructure within 48 hours.
Additionally organisations, where possible, should use the latest versions of software and operating systems.
Use and enable multi-factor authentication across all remote access services
We always preach this here at Espire IT.
Multi-factor authentication should be applied to all internet-accessible remote access services, including:
- web and cloud-based email
- collaboration platforms
- virtual private network connections
- remote desktop services
If you are concerned or need a second eye over your existing security setup, contact myself and the team and we'll help out as best we can.
- Paul Watson | Espire IT