Background
Russia’s recent attack on Ukraine began on foot and simultaneously in the metaverse, targeting internet networks and systems, military communications and financial and energy providers. This parallel attack was met by an independent Iranian Ministry of Intelligence global cyber campaign called ‘MuddyWaters’, targeting the majority of Europe and parts of America and Britain. In light of the Australian Government’s decision to support Ukraine, Australia may be next in line for a cyber-attack. The Australian Government Cyber Security Centre has warned Australian organisations to ‘arm up’, as the risk of an Australian cyber-attack intensifies.[1]
International Cyber Breaches
Cyber-attacks reportedly increased by 800% immediately after the conflict between Russia and Ukraine commenced, and the attacks have been reported to be multi-faceted. For instance, ‘MuddyWaters’ is using a combination of data exfiltration, spear phishing, ransomware and extortion to steal people’s critical information.
What are the most common types of Cyber Attacks?
A report prepared by CrowdStrike Global highlighted that the most common types of cyber-attacks today are ransomware attacks. Ransomware is a type of malware that denies legitimate users access to their own system; to regain access, a ransom must be paid. As an example, in May 2021, Colonial Pipeline, which supplies gasoline and jet fuel to the south-eastern U.S., was the target of a ransomware attack carried out by a criminal hacking group called ‘Darkside’. This group temporarily disrupted gas and fuel supply throughout the region, and demanded a ransom of US $4.4 million, which Colonial Pipeline ended up paying.[2]
An example of a cyber-attack closer to home occurred in March 2021, when several regional Victorian hospitals and health services were hit with a ransomware attack. In this instance many departments operated by Eastern Health were significantly disrupted for up to a month, and their entire network needed to be shut down to protect critical systems. This resulted in elective surgeries being paused, and treatments and appointments being postponed.[3]
This is an example of just one of the many types of possible cyber-attacks. Some of the others are listed below:
How can I protect my business?
The Australian Government Cyber Security Centre (ACSC) is encouraging Australian organisations to “urgently adopt an enhanced cyber security position”. For businesses, the emphasis is on adopting a baseline known as the ‘Essential Eight Maturity Model’. This model is based on the ACSC’s experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing and assisting organisations to implement this model.
What does the Essential Eight Model cover?
What kind of cyber-attacks could we expect?
With the increasing sanctions being imposed on Russia by Australia,[4] and the rest of the world, the likelihood is that there will be increasing cyber-attacks against Australian organisations. These will come in the form of emails sent to your employees, text messages or even phone calls.
The aim of these attacks is either to deliver a malicious payload via an email attachment or link, in order to gain access to your system with ransomware or other malware, or to gather personally identifiable information. This includes information such as passwords or bank information, obtained via what are known as phishing attacks, which would give an attacker access to privileged systems and/or an organisation’s financial data.
Lavan comment
In light of the recent conflicts between Russia and Ukraine, particularly in consideration of Australia’s support of Ukraine, tensions are building globally. Further sanctions put in place by Australia make us a potential target through association. It can be said that Russian cyber-attacks are a consequence of Australia’s political stance.
To help protect not only the organisation you work for, but also your personal information, it is always recommended to use strong passwords both inside and outside of your organisation. Do not use the same passwords between work and personal accounts.
Organisations need to continue to educate their employees on what to watch out for, and if you are unsure, it is recommended that you contact your IT department before going any further.
Remember your organisation's information can be worth a lot of money in the wrong hands, so be vigilant!
[1] https://www.cyber.gov.au/acsc/view-all-content/alerts/australian-organisations-encouraged-urgently-adopt-enhanced-cyber-security-posture.
[2] https://www.crowdstrike.com/cybersecurity-101/cyberattacks/most-common-cyberattacks.
[3] https://ia.acs.org.au/article/2021/victorian-hospitals-hit-by-cyber-attack.html.
[4] https://www.dfat.gov.au/international-relations/security/sanctions/sanctions-regimes/russia-sanctions-regime.