Itpa webheader

ACSC issues national alert over malware campaign


By Dylan Bushell-Embling
Monday, 28 October, 2019


ACSC issues national alert over malware campaign

The Australian Cyber Security Centre (ACSC) has issued a national alert warning of a widespread malware campaign linked to the recent attack on Victorian regional hospitals and health services.

The National Cyber Security Committee (NCSC) has raised the national cyber threat level as a result of the scale of the Emotet Trojan attack, the ACSC said.

The NCSC has done this by raising the Cyber Incident Management Arrangements — which ranks the severity of declared national cyber incidents on a scale from one to five — to “Level 3 – Alert.”

According to the ACSC, Emotet malware is spread through malicious codes hidden in links or attachments of both targeted and untargeted phishing emails. It allows attackers to take control of affected systems and install additional malware.

ACSC Head Rachel Noble said the centre is working with state and territory governments to limit the spread of the malware and support organisations that have already been infected.

“Cybercriminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge,” she said.

“If Emotet infects your computer, it will open up a backdoor that will allow the cybercriminal to inject ransomware that could freeze your network.”

The ACSC is urging Australian critical infrastructure, business and government organisations to take steps including immediately disabling macros, scanning networks for existing infections and developing an incident response plan in case of an attack.

Organisations should also maintain firewalls as well as complementary security controls, and maintain offline backups that can easily be restored in case of a ransomware infection.

According to Garrett O’Hara, Technical Consultant for email security specialist Mimecast, organisations can take additional steps to mitigate the threat of macro-based email attacks.

Examples include implementing technology that automatically converts editable Word or other documents into non-writable PDF files.

“If attachment conversion to a safe format is not possible, using a technology stack that includes signature, heuristic and static analysis of files, followed by sandboxing, is important for mitigating attachment borne threats such as Emotet,” he said.

“Awareness training for employees is [key] as the last layer of defence. Having employees be suspicious of emails from anyone they don’t know — especially any emails containing links or attachments — is critical.”

Image credit: ©Sergey Nivens/Dollar Photo Club

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related News

Magento 1 still in wide use despite reaching end of life

Adobe has issued the final patches for version 1 of the popular e-commerce platform Magento, but...

Australians unprepared for digital and telehealth

Government has made digital and telehealth available through bulkbilling but Australians may...

All the world's top 500 supercomputers run Linux

All 500 of the world's fastest supercomputers use Linux, and nearly half are located in...


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd