Security News > 2024 > February > Tenable: Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks

Nathan Wenzler, chief security strategist at cyber security firm Tenable, said state-sponsored threat actors typically infiltrate by stealth and spread. Wenzler said Australian organisations should treat them as seriously as other actors or face serious risk during a geopolitical conflict.

The Australian Cyber Security Centre found total reports of cybercrime were up by 23% to 94,000 in the year to June 2023, attributing part of that increase to state-sponsored attacks against critical infrastructure.

Midnight Blizzard: Lessons for Australian cyber security pros.

The Microsoft attack also exposed the misconception security functions can be treated like "Little isolated silos", Wenzler said, where performing a checklist of tasks like patching Windows systems or hardening cloud infrastructure is all that was required to safeguard security.

Following Midnight Blizzard's compromise of Microsoft, Wenzler argued cyber teams should revisit security measures like ensuring multi-factor authentication is enabled, and applying best practice approaches like principle of least privilege, to minimise identify compromise risk.

"As we embrace this idea security is much more about risk management thanjust implementing IT services, then you have to start to understand that risk landscape; that means being proactive, understanding the environment, understanding the risk profile, and using that to make good decisions about what to do next, including what security controls are right for you," said Wenzler.

News URL

https://www.techrepublic.com/article/australian-cyber-security-pros-state-sponsored-attacks/