The Australian Signals Directorate (ASD) has updated its advice regarding cyber protection strategies – essentially doubling the actions it mandates for government agencies and recommends for businesses.
As an intelligence agency in the Australian Government Department of Defence, the ASD is also the lead agency that coordinates operational responses to cyber attacks on important IT systems.
For the past four years, government departments have been obliged to undertake several security measures, such as using application whitelisting to block malicious software, regular patching of applications and operating systems, as well as limiting access to applications based on user duties.
While the ASD noted that at least 85% of adversary techniques used in cyber intrusions could be mitigated by those measures, it has now added four more to the list, establishing what it calls the “essential eight” designed to provide even greater protection.
The new recommendations include disabling untrusted Microsoft Office macros to prevent them from being used as malware vectors; blocking browser access to Adobe Flash Player, online ads and untrusted Java code; implementing multi-factor authentication; and ensuring daily backups of important data.
The ASD said the new recommendations, which were made after a review of information assets and IT systems that require greater protection, will provide the best “baseline protection” against malware infection and limit the impact of security incidents.
Australian prime minister Malcolm Turnbull and Dan Tehan, the minister assisting the prime minister on cyber security, were briefed by the ASD ahead of the launch of the new recommendations.
Turnbull said the need to protect Australia’s information assets had been reinforced by evidence of Russian efforts to influence the recent presidential election in the United States.
“It was politically controversial for a while in the United States, but it's acknowledged that there was Russian interference both in terms of hacking and seeking to influence the election through so-called fake news,” he said.
While Turnbull said there was no evidence of similar interference in Australia, Tehan noted that the ASD would be closely involved in ensuring the integrity of upcoming state elections.
Meanwhile, the prime minister – who once exhorted his cabinet to use Slack for communications and has since been revealed as a WhatsApp fan for minister-to-minister chats – warned that organisations needed to ensure their staff were aware of cyber threats, as the greatest threat came from what he described as “warmware” – people.
“Awareness is the most important first step,” Turnbull said. “A lot of vulnerabilities, as you will have seen, come from people not following good cyber practice. They open attachments from sources they are not familiar with. They’re not sufficiently careful in the way they manage their passwords. They don't, for example, use two-factor authentication with cloud-based applications and so forth.”