The key takeaway: if you think they only go for the “BIG FISH”, think again. Let Rapid Tech handle your security needs and do all the heavy lifting so you can focus on what you do best. We provide all the documentation for cybersecurity insurance and to enable your business to work with contractors that require you to follow NIST and CMMC guidelines.

Today, we released a Joint Cybersecurity Advisory with international partners about a People’s Republic of China (PRC) state-sponsored cyber group, APT40, and the current threat it poses to Australian networks.

APT40 is conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets. The group uses compromised infrastructure, including small-office/home-office (SOHO) devices, as operational infrastructure to launch attacks that blend in with legitimate traffic and challenge network defenders. This regular reconnaissance allows them to identify vulnerable, end-of-life or no longer maintained devices on networks of interest, and rapidly deploy exploits. APT40 continues to find success exploiting vulnerabilities due to systems being unpatched.

We strongly recommend implementing the ASD Essential Eight mitigation strategies, as well as additional relevant mitigations from our Strategies to Mitigate Cyber Security Incidents guidance. Mitigation that can reduce the effectiveness of the activity includes:

• Logging and detection – maintaining comprehensive and historical logging information across web servers, Windows events, and internet proxy.
• Patch management – implement a centralized patch management system to automate and expedite the patch process.
• Network segmentation – segment networks to limit or block lateral movement by denying traffic between computers unless required.

This advisory has been jointly issued by the FBI Cyber Division, Cybersecurity and Infrastructure Security Agency, National Security Agency, and Australian Signals Directorate. To read the advisory and learn more about how to identify, prevent and remediate APT40 intrusions, visit https://lnkd.in/gSAA49dU.