The Australian government and industry have been warned to increase their cyber defences against attacks linked to China.

United States intelligence agencies issued an alert to allied governments on Wednesday about the targeting of major telecommunications companies and network service providers, and how to plug vulnerabilities.

After gaining an initial foothold, hackers identify critical users and infrastructure that controls authentication, authorisation and accounting. 

Invest in the journalism that makes a difference.

EOFY Sale. A year for just $99.

SAVE 50%

Armed with valid accounts and credentials, the state-sponsored cyber experts return and attack the network.

The China-sponsored hackers often use publicly available network tools to “blend into the noise or normal activity” of government and business networks.

These tools enable them to exploit broadband routers used in many offices, including equipment from major industry providers including Cisco, Fortinet, and MikroTik.

BEST PRACTICE:

*Keep systems and products updated and patched.

*Implement a centralised, automated patch management system.

*Enforce multi-factor authentication for all users, without exception.

*Implement and enforce strict password requirements.

*Disable unnecessary ports and protocols.

*Replace old equipment.

Save this EOFY while you make a difference

Australia has spoken. We want more from the people in power and deserve a media that keeps them on their toes. And thank you, because it’s been made abundantly clear that at Crikey we’re on the right track.

We’ve pushed our journalism as far as we could go. And that’s only been possible with reader support. Thank you. And if you haven’t yet subscribed, this is your time to join tens of thousands of Crikey members to take the plunge.

Peter Fray
Peter Fray
Editor-in-chief
SAVE 50%