By David Perske
The recent cyber attacks reported by the Australian Government should give us all pause to take stock of our own situation. How do you know if your company is well enough protected?
On Friday 19th June, the Prime Minister called a media briefing to discuss the current level of threat to government and business regarding increased levels of cyber security / attacks which have been observed. Clearly, via its various agencies and capabilities, the government has determined that there is substantial risk at present to the infrastructure that provides critical services to the community and drives the economy. The Prime Minister's comments in the briefing suggested the evidence pointed towards highly sophisticated attackers, likely a state based actor, is at work.
The Australian Cyber Security Center (ACSC) provided some further commentary and recommendations for the key actions business can take to reduce their levels of risk.
How did the Government know it happened?
The Australian Government has significant investments relating to awareness of and research into Cyber Security issues. The ACSC, which is a part of the Australian Signals Directorate publishes and maintains high value guidance on this topic. With broad access to information from the Cyber Security industry, partners, and Australia’s allies, the ACSC are able to track the level of current Cyber Security related threat.
In recent times the ACSC has been monitoring and providing advice that the level of threat has increased and this has been a trend in particular since COVID-19 disrupted many Australian businesses. It's very likely the attackers are trying to take advantage of potential security holes that have been created in response to a rapid shift to work from home for many employees.
If the Australian Government can't defend its data – what chance for SMBs? (ie what should SMBs be doing now)
The Government did not cite any specific instances of major breaches during the briefing. However we can be assured that there would certainly be instances of business falling victim to these attacks and suffering the associated disruption to their operations and customers. The ACSC mentioned two key areas of focus during the briefing:
- Ensuring critical security updates are being applied, in particular to internet facing systems
- Implementation of Multi Factor Authentication for users.
These are obviously the key recommendations, but there are additional strategies that are needed to provide a broader risk reduction.
Where do SMBs go wrong - what should we be doing now?
Small to medium businesses often lack the resources and expertise to take a broader view of the IT environment and identify risk reductions. Some of the additional risk areas we can assist with include:
- Reviewing the backup and recovery strategy, to help ensure key data is able to be recovered after a cyber security incident in an efficient manner
- Checking the status of external firewalls and services that are required to be exposed to support users
- PC and Server threat detection and response solutions to reduce risks from viruses, malware and other malicious software
- Review of the use of some of the advanced security functionality offered by platforms such as Office 365, which in many cases is left untouched and not in a state that is adding business value
- User based training and awareness of Cyber Security issues, what to do, and what NOT to do.
Often, it comes down to some simple actions that can significantly improve your businesses resilience to cyber security issues.
Take action - right now!
We've prepared for you our Essential Cyber Security Techniques Checklist, which may give you a high level view on any glaring cyber security gaps you may have. Click the button below to download the checklist - and if need be call us to go through your results. This is a no charge service.