skip to Main Content

White Alert and Advisory Announcement: Essential Eight

Cybersecurity should be a priority for all organisations within Australia and globally. The recent events in Ukraine are highlighting the need for businesses to urgently review their security posture, as the potential for a wave of cyber-attacks has increased that could have global consequences.

While there has been no specific or credible threat to Australian organisations at this stage, the Australian Cyber Security Centre (ACSC) warns it is possible cyber-attacks on Ukraine could impact government and private entities within the region and beyond. In recent months, private and public entities in Ukraine have fallen victim to malicious cyber-attacks, such as the defacing of government websites and destructive malware targeting the private sector, as well as distributed denial of service attacks cutting off access to banking websites.

This is of particular concern as malware attacks in the past caused widespread damage to infrastructure and corporate agencies. This malware spread around the world and caused billions of dollars worth of damage. Investigators linked the malware to a Russian source and traced it to the update mechanism of a tax-accounting software app that was used widely in Ukraine at the time.

ACSC recommends Australian businesses be on high alert and review their security posture immediately, in the event of future cyber-attacks that could impact organisations outside Ukraine.

The Essential Eight mitigation strategies include:

  • The use of application control can help minimise the chances of malware running on your system, or unapproved applications being installed onto devices.
  • Patch applications are changes made to programs to update or fix any security vulnerabilities.
  • Setting up Microsoft Office so malicious actors can’t create macros to infiltrate systems and gain access to data.
  • User application hardening locks down unnecessary features in applications to eliminate vulnerabilities.
  • Restrict administrative privileges to limit users from making changes to security settings, operating systems and more. This reduces the chances of malware spreading or data being accessed without authorisation.
  • Apply patches as soon as they become available, to avoid being exposed to malware.
  • Enable multi-factor authentication and strong passwords to ensure secure login and access to data.
  • Regularly backing up data will ensure any data that is lost or compromised during a cyber-attack or disaster can be recovered.

There are different maturity levels for the Essential Eight strategies which are based on mitigating different levels of tradecraft and targeting.

Increase your company’s security posture now

Cyber-attacks can seem unlikely to occur to your business, but the truth is, complacency can leave your company open to security breaches. Enterprise security threats can be avoided if you take steps to review and enhance cybersecurity measures regularly. Cybercriminals exploit vulnerabilities in systems and as more employees are returning to the office, now is a good time to review your risk mitigation and incident response strategies.

To increase your company’s cybersecurity stance, INTELLIWORX offers ASD 8 as a Service. This managed security service is tailored to provide organisations with holistic and robust security solutions, aligned with the Essential Eight strategies. Speak to the cybersecurity experts at INTELLIWORX today and streamline your company’s cybersecurity strategies.

Shane Maher

We passionately work on the IT Infrastructure of mid-tier businesses and support MSPs into cloud services. I have over 17 years of commercial experience that includes supporting and managing IT systems, developing infrastructure solutions, both onsite & in the cloud.

This Post Has 0 Comments

Leave a Reply

Your email address will not be published.

Back To Top