Today's Widespread Attack
This morning, Prime Minister Scott Morrison said organisations including governments and businesses, were currently being targeted by a sophisticated foreign "state-based" attacker. The fact that the Prime Minister held a news conference to announce this attack is significant. At the time of writing there is little information about the impact or repercussions of this attack, however the Federal Government's Australian Signals Directorate's Cyber Security Centre has published an advisory with more technical details.
Scott Morrison said "this activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure." At this stage we have no reason to believe that Sentrian or any of Sentrian's clients have been targeted by the hackers.
Sentrian's Network Operations team has reviewed the attack methodology and are assessing any potentially vulnerable services. Over the last few years we have made extensive efforts to harden our security in order to minimise the potential risk from these type of attacks. Again at this stage we have not identified any issues as a result of today's attack effecting either ourselves or our clients.
As this attack includes phishing emails attempting to steal Microsoft 365 credentials we encourage all clients to remind their staff to be extra vigilant today and in the coming days looking for suspicious emails, particularly those requesting a username and password. This is especially important for all organisations that do not have multi factor authentication.
Fortifying Your Cyber Defence
This is a timely reminder of the importance for security measures such as multi factor authentication and Microsoft 365 Advanced Threat Protection. We encourage you to talk to your Client Services Manager about these security measures for the protection of your business.