Australia issues cyber warning over Russian hackers targeting critical industries
The Australian Signals Directorate says defence, energy, communications, healthcare and financial services are being targeted through outdated software, exposed routers and predictable passwords
The Australian Signals Directorate has issued a new warning about cyber groups linked to Russian intelligence agencies targeting critical infrastructure and strategic industries in Australia.
The alert was released with almost two dozen international partner agencies and focuses on organisations operating in defence, communications, energy, healthcare and financial services.
State and local government bodies are also considered particularly vulnerable because of the size and complexity of their digital networks.
Routers and vulnerable devices targeted
According to the ASD, the attacks do not necessarily rely on highly sophisticated technology.
Hackers are searching for routers, switches, laptops and other network devices using outdated software, factory settings or weak passwords.
Once a vulnerable device is identified, attackers may gain access to the organisation’s network, steal login credentials and move through connected systems in search of sensitive information.
Links to Russian intelligence services
The ASD says the activity is associated with cyber groups operating on behalf of Russia’s Federal Security Service, known as the FSB.
Groups named in the warning include Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard and Static Tundra.
Different security agencies may use different names for the same operators, but the groups have been monitored for years over attacks targeting governments, companies and essential infrastructure.
A simple but effective method
Former Australian Cyber Security Centre head Alastair MacGibbon compared the method to someone walking through a neighbourhood and checking which doors have been left unlocked.
The attackers scan large numbers of internet addresses looking for equipment that has not been updated or is still protected by the manufacturer’s default username and password.
The approach may appear basic, but it can be extremely effective when carried out on a large scale.
The danger of remaining undetected
One of the greatest risks is the amount of time attackers may remain inside a network before the intrusion is discovered.
The longer a breach goes undetected, the more opportunity hackers have to steal documents, passwords, personal information and details about an organisation’s operations.
Access may also be used to prepare future attacks, disrupt essential services or create entry points that could be activated during an international crisis.
Defence, energy and communications at risk
The targeting of critical infrastructure makes the warning particularly serious.
A successful attack against an energy provider, telecommunications network or defence organisation could have consequences far beyond the theft of data.
Even a temporary disruption could affect businesses, transport systems, hospitals and members of the public in a society increasingly dependent on connected digital services.
Warning coordinated with international allies
The alert was issued in cooperation with the United States National Security Agency and security bodies in the United Kingdom, New Zealand, Canada, Finland, France and Denmark.
The involvement of multiple countries indicates that the threat is not limited to Australia but forms part of a broader international campaign against public and private networks.
Five Eyes countries had already issued a warning about cyber risks associated with artificial intelligence and advised organisations to disconnect systems that do not need to remain online.
Many devices should not be exposed online
Experts say many routers used by organisations should be protected behind firewalls and should never be directly accessible from the public internet.
Some businesses may not know exactly how many devices are connected to their networks or may not realise that certain equipment is visible to external users.
A single forgotten or outdated device can provide attackers with a pathway into an entire organisation.
Measures recommended by the ASD
The Australian Signals Directorate is urging organisations to update the software and firmware on network devices and remove all factory-default credentials.
Passwords should be long, unique and stored securely. Multi-factor authentication should also be enabled wherever possible.
Businesses and government bodies are being encouraged to identify which devices are exposed online, review access logs regularly and isolate systems that do not require an external connection.
A cybercrime report every six minutes
ASD data shows that a cybercrime report is made in Australia approximately every six minutes.
Not every incident is linked to a foreign government, but the figure highlights how digital threats have become part of everyday life for citizens, businesses and public institutions.
State-linked cyber campaigns represent a different level of danger because their objectives may be political, strategic or military as well as financial.
Cybersecurity begins with the basics
The warning demonstrates that major cyberattacks do not always begin with advanced or unfamiliar technology.
Many breaches succeed because software has not been updated, a password has not been changed or a network service has been left unnecessarily exposed.
For governments and businesses, protecting critical infrastructure begins with basic measures: understanding their systems, installing security updates and preventing vulnerable equipment from remaining visible to attackers.
fety #AlloraOnline
The post Australia issues cyber warning over Russian hackers targeting critical industries first appeared on Allora! Italian Australian News.
Qual è la tua reazione?
Mi piace
0
Antipatico
0
Lo amo
0
Comico
0
Wow
0
Triste
0
Furioso
0
Commenti (0)