Australia’s cyber security agency, the Australian Cyber Security Centre (ACSC), has released new guidance on improving cyber security in response to recent high-profile cyber attacks in the region. The guidance, titled “Practical Cyber Security Tips for Business Leaders,” provides advice on securing devices, accounts, and social media and communication channels, as well as steps to take if an organization believes it has been compromised. Key tips include enabling multi-factor authentication (MFA), regularly updating and patching software, applications, and operating systems, backing up important files, and using separate work and personal devices and accounts.
The release of the guidance comes after a major government data breach in April 2023, in which over 2.5 million documents were stolen from Australia’s largest commercial law firm, HWL Ebsworth. The breach affected 65 government agencies, including the national postal service and various government departments. The ransomware group ALPHV claimed responsibility for the attack. Other significant cyber incidents in the region include a data breach at travel agency Inspiring Vacations and an extortion attack on Australia’s Victoria State court system.
In a foreword for Australia’s Annual Cyber Threat Report, Deputy Prime Minister Richard Marles highlighted the increased cyber attacks on Australian organizations, attributing them to heightened competition in the Indo-Pacific region. Cyber security experts have stressed the importance of creating a culture of security and resilience to combat attacks and protect against future breaches.
Overall, the release of the new guidance by the ACSC reflects the escalating cyber threat landscape in Australia and the need for organizations to prioritize cyber security measures to protect sensitive information and defend against potential cyber attacks.