I have published many posts about leaks from hotel chains, big organizations and others. However, there has not been much information about governments, and specifically Australia public sectors, being regularly attacked.
Back on March 11th, Tenable released a report based on a number of countries, including Australia, where more than 50% of the organizations reported that they had experienced some type of phishing scam that resulted in credential theft. Also, more than 50% reported an attack against their infrastructure that resulted in downtime to plant and/or operational equipment.
Furthermore, more than 35% reported a significant disruption to business processes caused by malware.
This last one is very concerning as this may indicate the low use of proper antivirus/malware among the affected.
Keep in mind that this is applicable to any other individual or organization. Take a moment to ask yourself, do you have endpoint protection installed on your computer? Is this kept updated? Bear in mind that the most common way of getting malware is through unknown USB devices, and emails with attachments and/or links.
Always keep good cybersecurity hygiene when opening emails, attachments or links. Be careful when receiving unsolicited emails, attachments as they normally are the one carrying something else than text.
Be safe out there, until next Malware Monday.