Foreign power blamed for BoM attack
Last year’s attack on the Bureau of Meteorology’s network was likely conducted by a foreign intelligence service, according to the Australian Cyber Security Centre (ACSC).
The centre’s second Threat Report details the steps the Australian Signals Directorate (ASD) took to detect and respond to the breach.
According to the report, the ASD first detected suspicious activity from two computers on the bureau’s network. Upon investigating the ASD discovered a particular remote access tool malware that is popular with state-sponsored cyber attack actors.
Further investigation determined that by the time of detection it is likely the attacker had compromised all passwords on the Bureau’s network and had searched for and copied an unknown quantity of documents from the network.
The ACSC said that while it has attributed this attack to a foreign intelligence service, the security controls in place prior to the breach were insufficient to protect the network from more common cyber threats — for example, CryptoLocker malware was discovered on the network.
The report states that between the start of January last year and the end of June this year, the ASD responded to 1095 cybersecurity incidents on government systems determined to be serious enough to require an operational response.
Why AI agents are a new insider threat for business
AI-powered insiders are non-human actors operating within the perimeter, inheriting trusted...
Securing SMB organisations: closing the cyber gap through culture
Limited budgets and resources mean SMBs cannot financially prioritise cybersecurity as much as...
The silent cyberthreat lurking in mismanaged tokens
It took years of painful breaches for organisations to recognise the importance of secure...
