In its advisory on the matter, the ACSC said organisations should act now and follow its advice to improve their cyber security resilience due the heightened threat environment.

“There has been a historical pattern of cyber attacks against Ukraine that have had international consequences,” the ACSC noted.

“Malicious cyber activity could impact Australian organisations through unintended disruption or uncontained malicious cyber activities.

“While the ACSC is not aware of any current or specific threats to Australian organisations, adopting an enhanced cyber security posture and increased monitoring for threats will help to reduce the impacts to Australian organisations.”

Organisations should be reviewing and enhancing detection, mitigation and response measures.

This includes ensuring that logging and detection systems in their environment are fully updated and functioning, and additional monitoring of networks is conducted where required.

Organisations should also assess their preparedness to respond to any cyber security incidents and should review incident response and business continuity plans.

ACSC’s Essential 8 strategies

The ACSC’s Cyber Incident Response Plan – Guidance & Template can assist organisations to produce an incident response plan.

The ACSC Essential 8 is a series of baseline mitigation strategies that makes it harder for cyber criminals to compromise systems. These include:

• Application control;
• Patch applications;
• Configure Microsoft Office macro settings;
• User application hardening;
• Restrict administrative privileges;
• Patch operating systems;
• Multi-factor authentication; and
• Regular backups.

Expert’s view

Paul Turner, Managing Director and CEO of IT solutions firm and Victorian Chamber member, Zynet, believes we should not rule out direct attacks on Australian firms, with collateral damage also to be expected.

“It is likely that all types of cyberattacks will be experienced and exploited here. Firms that are ill-prepared and have not properly considered what has to be in place, as a bare minimum, to mitigate cyber risk and increase their firm’s cyber posture, are likely to suffer business interruption and/or significant loss,” Mr Turner said

“Sometimes there is quite the misconception in terms of the risks that exist for every business regardless of industry, size, location.

“To do nothing is commercial suicide for Australian firms as it will mean that you will most certainly be impacted by these threats – either unknowingly (until it is too late to avoid severe impacts on your business) or you may have an immediate realisation that these cyber threats have become a reality and compromised your business.

“In a domino effect, potentially your customers, suppliers, partners and other related parties could also be casualties.”

Mr Turner said cybersecurity does not need to be a scary or expensive topic to discuss, with small and proactive steps possible to protect your business.

Further, it is worth considering beyond the initial interruption or financial impact.

“This includes the potentially unrecoverable loss of customer loyalty and trust, impact on your brand, business leaders being diverted into emergency mode and revenue loss – to name just a few areas,” Mr Turner said.

“Zynet has integrated the Essential 8 as part of the services we deliver to all our customers today. This is an integral part of protecting and securing business IT systems and data.

“As referenced in messaging from the ACSC, we have capabilities that allow clients to enhance their cyber security posture, improve threat monitoring and detection. This provides greater ability to mitigate risks.”

What to do next?

Victorian Chamber Executive Director ICT Glenn Goodwin said, “The ACSC alert highlights that all businesses must immediately do a health check on their cyber defences.

“The ACSC Essential 8 is a long-term project to improve your organisation’s cyber resilience, but takes planning and time. Those looking for actions today should: check your backups are working and secure; ensure that your laptops, servers and any hardware have the latest patches; and for any login to services, be sure to enable multi-factor authentication (MFA).”

The ACSC is monitoring the current situation and is able to provide assistance or advice as required.

Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).

Any incidents should also be reported to: https://www.cyber.gov.au/acsc/report

Business leaders looking to assist with improving awareness and understanding of key risks can also book a 30-minute discovery call with Zynet on 1300 4 ZYNET (1300 499 638) or clicking here.