The Australian Cyber Security Centre and Prime Minister Scott Morrison recently issued a warning to business leaders to protect valuable data from a wave of sophisticated hacker attacks.
The government revealed that wide-reaching attacks designed to penetrate political and private industry systems have the markings of a state-sponsored attack, according to government sources. Threat actors are reportedly employing “copy-paste” techniques as well as email phishing schemes, spear-phishing manipulation, and scamming professionals into requesting authorization tokens for Microsoft 365 applications, among others. What has officials on high alert is the appearance this recent campaign has been orchestrated by a foreign government.
Prime Minister Morrison emphatically stated that “organisations are currently being targeted by a sophisticated state-based cyber-actor” during a press conference where details were disclosed, according to The Guardian. His description of the threat actors led experts to believe that China, Russia, and North Korea rank among the few countries that could be responsible.
Morrison stated that the first wave of copy-paste threats was deterred but the cyber-criminal quickly shifted to other strategies. He emphasized the fact that the state-based attacks are targeting private-sector and governmental agencies alike. Industry leaders are advised to promptly harden their defences as the danger appears imminent.
What is a “Copy-Paste” Cyber-Attack?
The copy-paste or “cut-and-paste” technique attacks the integrity of a system by replacing legitimate encrypted text with a portion that looks similar. The substitute section tends to decrypt authentic portions and the hacker can manipulate a series of security system elements to their advantage.
Cybersecurity experts consider copy-paste one of the “active” and sophisticated hacking methods because digital thieves change system information. The cyber-attacks highlighted by Morrison and the Cyber Security Centre point to known vulnerabilities in platforms such as Microsoft 365, SharePoint, and Citrix, among others. Recent threat actors reportedly tried to exploit known vulnerabilities, many of which enjoy existing patches.
Although the hackers were deemed “sophisticated,” there are no reports that they had the skill level to successfully use zero-day attacks. Zero-day threats involve compromising unknown vulnerabilities for which patches have yet to be developed.
How Can Organisations Defend Against Copy-Paste Attacks?
Given that state-based threat actors tend to be well funded and operate with impunity, Australian businesses would be well-served to exercise heightened due diligence. Sophisticated cybercriminals are exceedingly likely to breach networks and could be working under your radar. Cybersecurity experts typically advise decision-makers to take the following measures to detect and deter.
- Penetration Testing: This process involves a third-party cybersecurity processional probing a network from the hacker’s perspective. Finding vulnerabilities before hackers do allows you to close gaps.
- Patch Management: The recent advisory highlights the fact that sometimes patching falls through the cracks. A patch management strategy puts an external resource in charge of this cybersecurity issue so that it does not get overlooked moving forward.
- Enterprise-Level Cyber Security: By enlisting a managed IT cybersecurity expert to enhance and secure networks, devices, remote workforce access, and other elements, businesses can harden their cybersecurity presence.
- Two-Factor Authentication: As the prime minister pointed out, the recent threat actor shifted methods to phishing and spear phishing after failing to breach government networks. This means your employees are likely to be the target of wide-ranging schemes. Two-factor authentication requires employees and key stakeholders to retrieve and input a code from a secondary device before logging into your network. This prevents hackers from exploiting weak passwords and employees, in many ways.
According to the government’s Stay Smart Online data, businesses suffer an average loss of $276,323 that includes disruption, data, revenue, damage, and productivity. Although the Australian Cyber Security Centre and Prime Minister Morrison were quick to alert business leaders, advisories can only be issued after the fact. Hardening your cybersecurity defenses also calls for ongoing employee awareness and training. Business leaders who take proactive measures now can frustrate hackers and repel them.