Powered by MOMENTUM MEDIA

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

Defence renews call for cyber vigilliance

The Commonwealth has urged organisations to upgrade their cyber infrastructure, with many failing to adequately respond to recent cyber attacks.

The Commonwealth has urged organisations to upgrade their cyber infrastructure, with many failing to adequately respond to recent cyber attacks.

Earlier this month, the Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) identified “extensive targeting” and compromises of Australian organisations with vulnerable Microsoft Exchange networks. 

Advertisement
Advertisement

The ACSC noted that while it is assisting affected organisations with their incident response and remediation, a number of stakeholders are yet to address the issue.

Organisations were urged to patch the following common vulnerabilities and exposures (CVEs):

  • CVE-2021-26855 - server-side request forgery (SSRF) vulnerability in Exchange;
  • CVE-2021-26857 - insecure deserialisation vulnerability in the Unified Messaging service;
  • CVE-2021-26858 - post-authentication arbitrary file write vulnerability in Exchange; and
  • CVE-2021-27065 - post-authentication arbitrary file write vulnerability in Exchange.

However, in a statement released on Thursday (25 March), the federal government revealed that many businesses failed to install the patches.

Assistant Minister for Defence Andrew Hastie urged entities to implement appropriate safeguards and shore-up their defences against future threats.

“The Morrison government’s first priority is to keep Australians safe, including when online, and it is vital that small businesses and organisations take the necessary steps to protect themselves from this vulnerability,” Assistant Minister Hastie said.

PROMOTED CONTENT

“My first priority is to keep Australians safe in both the physical world and online, and to do this I need everyone to listen to these warnings, and follow the advice of the ACSC and strengthen our cyber defences.

“If you use Microsoft Exchange it is critical that you move fast to shut this potential threat down.”

[Related: Defence renews push to bolster cyber resilience]

Defence renews call for cyber vigilliance
breaking-the-cyber-cycle.jpg.jpg
lawyersweekly logo

 

more from defence connect

Apr 16 2021
Australia to depart Afghanistan
The Australian government has announced that Australia will depart Afghanistan following over 20 yea...
Egyptian Air Force extends C295 service contract
Apr 16 2021
Egyptian Air Force extends C295 service contract
Airbus has secured a new contract to service the world’s largest C295 fleet. ...
Apr 16 2021
Building a prosperous central Asia, could the ‘Kabul Corridor’ work?
Several central Asian nations have proposed the construction of an Uzbekistan-Pakistan rail line tha...
FROM THE WEB
Recommended by Spike Native Network