CYBER ATTACK ON AUSTRALIA: KEY POINTS
* This is a "malicious" attack on government and private sector computer networks.
* No large-scale data breaches have been detected.
* A "state-based actor with significant capabilities" is behind the attack.
* Experts say the states most capable of these types of attacks are Russia and China.
* The frequency of attacks has increased in past months.
* State premiers and territory leaders have been alerted.
* Prime Minister Scott Morrison spoke with his British counterpart Boris Johnson about the issue on Thursday night.
* Australian security agencies are working to thwart the attacks and are providing advice to those under attack.
TYPES OF ATTACK
The Australian Cyber Security Centre released technical guidance in late May outlining more than 50 types of attacks that have been increasingly used over the past year.
The tactics, techniques and procedures include:
* Exploitation of remote access programs such as Pulse Connect Secure and Citrix, many of which have been used by people working from home during the coronavirus pandemic
* Sending malware as an email attachment
* Using stolen credentials to access email accounts
* Stealing or encrypting data
* Ransomware, where data is encrypted and money demanded in exchange for the decryption key
* Activity designed to hide malware including clearing Windows event logs and deleting or changing timestamps on files
WHO IS UNDER ATTACK?
* Morrison said targets included all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure
* In the past two months, large companies including beverage producers Lion, BlueScope, and logistics giant Toll Group have been targeted with ransomware multiple times
Source: Federal Government
Australian Associated Press