The Australian Cyber Security Centre (ACSC) has warned Australian businesses to 'urgently adopt an enhanced cybersecurity posture' to protect themselves against targeted Russian cybercriminal activity.
Ajay Unni, a cybersecurity expert on the board of CREST ANZ and founder of StickmanCyber, says, "Given the distance between our two countries, cyber-attacks are the most effective way that Russia can punish Australia for supporting Ukraine. As a result, Australian businesses are currently at a very real risk of disruption or malicious activities from Russian cybercriminals."
He says these threats could come in the form of denial of service attacks, which Russia has used in the past against Estonia in 2007, or in the form of ransomware attacks deployed via phishing emails. These attacks, if successful, can put Australian organisations at risk of financial, operational and reputational damage.
The Office of Australian of the Australian Information Commissioner (OAIC) says Australian businesses and individuals are already under significant siege from cyberattacks, with 55% of the 256 data breaches from July to December 2021 being a result of malicious or criminal attacks, 68% of those were cyber-attacks.
"Australian businesses need to act now to ensure their cybersecurity posture is in place and up to date to ward off any potential attacks," says Unni. "It's not a matter of if, but when. Businesses need to take the following steps immediately to ensure their safety."
Incident detection, mitigation and response
A critical step in ensuring enhanced cybersecurity posture has the proper measures to detect, mitigate, and respond to security incidents.
ACSC says organisations need the right tools to identify any suspicious activity. Similar to how physical locations use back-to-base alarm systems, it says businesses can benefit from using cybersecurity consultants (either outsourced or in-house) who can watch over your computers and networks 24/7, 365 days a year.
If suspicious activity is identified, a response team can be launched to mitigate the threat before it becomes a breach or attack. If a breach has already occurred, a team of cybersecurity experts can help businesses recover from any repercussions.
Communicate within your organisation
Human error continues to be the weakest link in an organisation when it comes to information security. ACSC says businesses must educate and alert their employees about the likelihood of advanced phishing attacks, misinformation campaigns, and attempts by malicious Russian actors to compromise systems and networks within their organisation.
Re-evaluate privileged access
With the increased risk of cyber threats, now is an opportune time for any organisation's information security team to re-evaluate and investigate all new software and accounts, especially those with high privileges. This, along with more robust authentication and overall identity and privilege access management, can ensure your business is safe.
Enhance basic cybersecurity hygiene
Organisations must take this opportunity to improve their basic cybersecurity hygiene to protect their systems and networks from cyber-attacks. This can be achieved by ensuring the following measures are in place, installing reputable antivirus and malware software, keeping software and applications up to date with the latest patches installed, enforcing employees to use strong passwords and multifactor authentication on all devices and accounts, and making sure all data is encrypted while at rest and in transit and sufficiently backing up.
"The time to act is now," says Unni. "A cyberattack can have devastating consequences on a business, and I strongly urge organisations of all sizes to take this opportunity to improve their cyber detection and response and be proactive in protecting themselves now and in the future."