Security News > 2020 > June > Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'
Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation's infosec advice agency says that while the attacker has gained access to some systems it has not conducted "Any disruptive or destructive activities within victim environments."
Morrison said the attack has targeted government, key infrastructure and the private sector, and was sufficiently serious that he took the courteous-in-a-crisis, but not-compulsory step, of informing the leader of the opposition about the incident.
Morrison declined to state whether Australian defence agencies have identified the source of the attack and said evidence gathered to date does not meet the government's threshold of certainty to name the attacker.
Australia's cyber-defence advice agency, the Australian Cyber Security Centre, has published an advisory titled "Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks," that offers a few more details.
The ACSC's advice in the wake of its investigation is to patch internet-facing everything, adopt MFA for email, remote desktops, VPNs and collaboration platforms, follow previous Australian government security advice and enable verbose logging to help triage future attacks.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/06/19/australia_state_cyberattack/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Citrix shares mitigations for ongoing Netscaler password spray attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)