Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

ACSC on high alert following Russian attack on Ukraine

In the wake of Russian-linked cyber attacks on Ukraine, Prime Minister Scott Morrison and the Australian Cyber Security Centre (ACSC) have issued a warning to Australian organisations that malicious activity may have local ramifications.

user icon Nastasha Tupas
Fri, 25 Feb 2022
ACSC on high alert following Russian attack on Ukraine
expand image

Similar warnings have been issued by the UK's NCSC and the US Department of Homeland Security following recent sanctions on Russian institutions. As Australian society becomes increasingly digitised, agencies must prioritise measures to secure data and critical infrastructure against threat actors.

Australian organisations and government must take precautions to prepare for state-sponsored attacks as geopolitical tensions continue to escalate, according to Eric Milam, VP of research and intelligence at BlackBerry.

"As Australia is warned to bolster defences against cyber attacks following Russian threats to Ukraine, the ACSC's concern is a reminder of the power and repercussions of Russian cyber threats internationally.

"As government agencies collect and share more digital information, they must develop a comprehensive, integrated approach to security to protect highly confidential data and communication. This can be done through AI-based threat prevention, enabling a zero-trust security environment which continuously validates that trust at every event or transaction to authenticate users.

"My own team's investigation and prevention of these Russian threats, such as Dr. REvil, has revealed that it is crucial for organisations and government to learn how to protect against state-sponsored cyber attacks as a matter of highest priority," Milam said.

The ACSC is encouraging Australian organisations to urgently adopt an enhanced cyber security position, warning organisations should act now to improve cyber security resilience in light of the heightened threat environment.

Due to the historical pattern of cyber attacks against Ukraine that have had international consequences, malicious cyber activity could impact Australian organisations through unintended disruption or uncontained malicious cyber activities, the ACSC warned.

Overnight, Russia launched cyber attacks as part of their illegal and devastating attack on Ukraine and according to cyber security expert and global CEO of Vectra AI, Hitesh Sheth, "the war we see on TV is only a fraction of the conflict".

"Cyber weapons are doing at least equal damage to Ukrainian computer networks, particularly financial and military systems.

"We will never have more vivid proof that offensive cyber action is now a first-strike tactic, on a par with kinetic warfare.

“The sobering difference: conventional war is waged between nation states. Cyber war poses severe risk to private interests, however reluctant and unwilling they are to become combatants. Escalating cyber conflict can lead to unanticipated consequences and casualties. Nobody is assured of remaining a mere spectator," Sheth said.

While the ACSC is not aware of any current or specific threats to Australian organisations, it is pushing for the adoption of an enhanced cyber security posture and increased monitoring for threats will help to reduce the impacts to Australian organisations.

Milam further explained that cyber attack victims need to be capable of containing it as quickly as possible.

In this case, these solutions can also be used to communicate public safety warnings or updates to quell any panic.

"If you are [a] victim to an attack, you also need the capability to contain it as fast as possible through a unified critical communications network, which can communicate between organisations, people, devices, and external entities regarding who is in the network and next steps."

To that end, no public or private organisation can afford complacency about the events that are being watched in real time, Sheth added, which proves the alarming point that antiquated cyber defences centred on perimeter protection will fail under fire.

"Security begins at home, and private interests cannot rely on state-sponsored protection. They must audit and reinforce cyber defences and prioritise AI-augmented detection and response. Doing so will contribute to stability in a worrisome time," Sheth concluded.

[Related: Dragos identifies 3 new threat groups targeting ICS/OT environments]

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.