The Australian government has confirmed on Friday morning it’s been the subject of an ongoing “state-based” cyber attack, affecting a number of critical services in the country.
Prime Minister Scott Morrison said the attack, which is ongoing, affects a number of organisations within “government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure”.
He maintained the government would not publicly reveal the country suspected to be behind the campaign as the threshold for evidence was too high.
“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the trade craft used,” Morrison said in Friday morning’s press conference.
— SBS News (@SBSNews) June 18, 2020
Morrison did not specify the names of any companies or departments that had been affected so far but Linda Reynolds, the Minister for Defence, said the government urged organisations to heed the warning and update security systems.
“Firstly, patch your internet-facing devices promptly, ensuring any web or email services are fully updated with the latest software,” Reynolds said in the press conference.
“Secondly, ensure you always use multi-factor authentication to secure your internet access, infrastructure and also your cloud-based platforms. Thirdly, it’s important to become an ACSC [Australian Cyber Security Centre] partner to ensure you get the latest cyber threat advice to protect your organisation online.”
This announcement comes just days after Lion, a major producer of iconic Australian beer, milk and juice brands, confirmed it was hit by a cyber attack, crippling the manufacturing company’s distribution efforts.
“Our investigations have shown that a partial IT system outage at Lion is a result of a ransomware attack. In response, we immediately shut down key systems as a precaution,” a June 15 statement by Lion said.
“Our IT teams and expert cyber advisors have continued working throughout the weekend to investigate this incident, working to bring systems back online safely.”
As reported by iTWire, it’s suspected the culprits behind the attack are a notorious ransomware gang known as REvil. It’s allegedly demanding the company hand over $US800,000 (nearly $1.17 million) or face the black market auction of its sensitive documents.
Morrison has said the attack on Lion is unrelated to Friday morning’s announcement.