Australian organisations encouraged to urgently adopt an enhanced cybersecurity posture

Australian Cyber Security Centre

Background / What has happened?

There has been a historical pattern of cyber attacks against Ukraine that have had international consequences. Malicious cyber activity could impact Australian organisations through unintended disruption or uncontained malicious cyber activities.

While the ACSC is not aware of any current or specific threats to Australian organisations, adopting an enhanced cybersecurity posture and increased monitoring for threats will help to reduce the impacts to Australian organisations.

Mitigation / How do I stay secure?

The ACSC recommends that organisations urgently adopt an enhanced cyber security posture. This should include reviewing and enhancing detection, mitigation, and response measures.

Organisations should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required.

Organisations should also assess their preparedness to respond to any cyber security incidents, and should review incident response and business continuity plans. The ACSC has published Cyber Incident Response Plan – Guidance & Template to assist organisations to produce an incident response plan.

The ACSC strongly recommends organisations implement the Essential Eight mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. The Essential Eight mitigation strategies are:

Australian organisations may also wish to review the following publications from partner agencies:

US Cybersecurity and Infrastructure Security Agency (CISA): CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats

UK National Cyber Security Centre: NCSC advises organisations to act following Russia’s further violation of Ukraine’s territorial integrity

NZ National Cyber Security Centre: General Security Advisory: Understanding and preparing for cyber threats relating to tensions between Russia and Ukraine

Canadian Centre for Cyber Security (CCCS): Cyber threat bulletin: Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity

Assistance / Where can I go for help?

/Public Release. View in full here.