Security News > 2020 > June > Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'

Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation's infosec advice agency says that while the attacker has gained access to some systems it has not conducted "Any disruptive or destructive activities within victim environments."

Morrison said the attack has targeted government, key infrastructure and the private sector, and was sufficiently serious that he took the courteous-in-a-crisis, but not-compulsory step, of informing the leader of the opposition about the incident.

Morrison declined to state whether Australian defence agencies have identified the source of the attack and said evidence gathered to date does not meet the government's threshold of certainty to name the attacker.

Australia's cyber-defence advice agency, the Australian Cyber Security Centre, has published an advisory titled "Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks," that offers a few more details.

The ACSC's advice in the wake of its investigation is to patch internet-facing everything, adopt MFA for email, remote desktops, VPNs and collaboration platforms, follow previous Australian government security advice and enable verbose logging to help triage future attacks.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/06/19/australia_state_cyberattack/