Security News > 2024 > February > Tenable: Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks
Nathan Wenzler, chief security strategist at cyber security firm Tenable, said state-sponsored threat actors typically infiltrate by stealth and spread. Wenzler said Australian organisations should treat them as seriously as other actors or face serious risk during a geopolitical conflict.
The Australian Cyber Security Centre found total reports of cybercrime were up by 23% to 94,000 in the year to June 2023, attributing part of that increase to state-sponsored attacks against critical infrastructure.
Midnight Blizzard: Lessons for Australian cyber security pros.
The Microsoft attack also exposed the misconception security functions can be treated like "Little isolated silos", Wenzler said, where performing a checklist of tasks like patching Windows systems or hardening cloud infrastructure is all that was required to safeguard security.
Following Midnight Blizzard's compromise of Microsoft, Wenzler argued cyber teams should revisit security measures like ensuring multi-factor authentication is enabled, and applying best practice approaches like principle of least privilege, to minimise identify compromise risk.
"As we embrace this idea security is much more about risk management thanjust implementing IT services, then you have to start to understand that risk landscape; that means being proactive, understanding the environment, understanding the risk profile, and using that to make good decisions about what to do next, including what security controls are right for you," said Wenzler.
News URL
https://www.techrepublic.com/article/australian-cyber-security-pros-state-sponsored-attacks/
Related news
- Security measures fail to keep up with rising email attacks (source)
- Digital Maturity Key to AI Success in Australian Cyber Security (source)
- One-Third of UK Teachers Lack Cybersecurity Training, While 34% Experience Security Incidents (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)