Foreign power blamed for BoM attack
Last year’s attack on the Bureau of Meteorology’s network was likely conducted by a foreign intelligence service, according to the Australian Cyber Security Centre (ACSC).
The centre’s second Threat Report details the steps the Australian Signals Directorate (ASD) took to detect and respond to the breach.
According to the report, the ASD first detected suspicious activity from two computers on the bureau’s network. Upon investigating the ASD discovered a particular remote access tool malware that is popular with state-sponsored cyber attack actors.
Further investigation determined that by the time of detection it is likely the attacker had compromised all passwords on the Bureau’s network and had searched for and copied an unknown quantity of documents from the network.
The ACSC said that while it has attributed this attack to a foreign intelligence service, the security controls in place prior to the breach were insufficient to protect the network from more common cyber threats — for example, CryptoLocker malware was discovered on the network.
The report states that between the start of January last year and the end of June this year, the ASD responded to 1095 cybersecurity incidents on government systems determined to be serious enough to require an operational response.
Secure-by-design software development for digital innovation
The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...
Bolstering AI-powered cybersecurity in the face of increasing threats
The escalation of complex cyber risks is becoming a pressing issue for those in business...
How attackers are weaponising GenAI through data poisoning and manipulation
The possibility for shared large language models to be manipulated through data poisoning...
