Companies warned to boost cyber defence in wake of Ukraine crisis escalation

On Wednesday afternoon, the Australian government joined the governments of the United States and United Kingdom by placing sanctions on Russian banks and individuals, and at the same time issued a warning to organisations to boost their cyber defence.

Australian Prime Minister Scott Morrison said the government had already privately reached out to some entities and that local organisations should read guidance issued by the Australian Cyber Security Centre (ACSC).

“We have already been taking action on cyber defences and that has been done privately already with many companies, alerting them to the risk of potential counter responses by Russia and other actors in response to these decisions,” Morrison said.

“There is no evidence that any such attacks have taken place to date, I’m advised, but we are now publicly saying right across the country to go to [cyber.gov.au] so you can be clearly informed of the steps that you should be taking to ensure that you are protected as best as you can be from any cyber attacks.”

The prime minister added that cyber was the most obvious vector for Russian retaliation, and that companies could be targeted as well as be cyber collateral damage.

“The cyber attacks can sometimes come from miscalculation and misadventure, we have seen that in the past, where cyber attacks have sought to let loose various worms … or viruses and they get out of control of those who put them in the system,” he said.

In its guidance, the ACSC says organisations should be reviewing and enhancing their detection, mitigation, and response capabilities.

“Organisations should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required,” it states.

“Organisations should also assess their preparedness to respond to any cyber security incidents, and should review incident response and business continuity plans.”

Similar warnings have already been issued by Australia’s Five Eyes partners, with the UK National Cyber Security Centre stating that “there has been a historical pattern of cyber attacks on Ukraine with international consequences”.

Since last month, the Canadian Centre for Cyber Security has been warning administrators to isolate critical infrastructure from the internet if they would be deemed an attractive target.

“When using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted,” the warning said.

The US issued its warning in January.

In the past 24 hours, Russian President Vladimir Putin recognised two breakaway republics in eastern Ukraine and ordered forces into the regions on a so-called “peacekeeping” mission, triggering the responses from the Western democracies.

Related Coverage

• Microsoft: These hackers are targeting emergency response and security organizations in Ukraine
• A ‘massive’ hacking attack has hit government websites in Ukraine
• Microsoft says ‘destructive malware’ being used against Ukrainian organizations
• UK security centre urges companies to boost their defences after cyberattacks on Ukraine
• Ukraine crisis: Russian cyberattacks could affect organisations around the world, so take action now