Australia must act: latest Petya Cyber Attack shows strategies not working
Petya cyber attack ransomware.
The latest ‘Petya’ ransonware attack striking across the globe so soon after the WannaCry attack showed the national defence strategies were not working, Macquarie Telecom Group director Aidan Tudehope said.
New cyber strategy required.
Macquarie Telecom Group believes that only a wholesale restructuring of the national ICT infrastructure may be enough to address escalating and damaging cyber attacks.
Old systems can’t cope.
“The basic problem is the thousands and thousands of legacy computing and communications systems in businesses and homes.
“Too many of these systems are not being kept up to date with latest software releases so will never be secured.
Cloud specialists need to review legacy systems.
“There is no silver bullet. One necessary change has to be to try to get those old systems out of the national ICT network. Computing capacity should be managed by specialists. This means a rapid transition to the cloud.
National cyber defence strategy.
“The recent events are frightening because they show how exposed democratic nations are to not only criminals but potentially to an economic warfare attack.
“We need to begin a conversation about making a fundamental shift in the national cyber defence strategy,” he said.
What can you do?
First, ensure you have patched all your servers and workstations to ensure they are using the latest version of software. Once the malware has entered through an infected email, it spreads from computer to computer through Microsoft networking software.
Microsoft has released patches to close the vulnerability in various versions of its server software Windows operating system, guidance to who is affected, and advice as to immediate action you can take if the Petya cyber attack affects you. Some organisations install patches on a longer cycle – say, bimonthly – and might have missed patches released over the weekend.
Your second line of defence is to try to prevent the malware getting into your system in the first place.
The malware enters through an infected email. Emails carrying the infection can be stopped at your Internet Gateway (for those who use a Gateway) by ensuring your email filtering and firewall software is up to date with all the latest signatures.
Thirdly, users should be extra vigilant in opening suspicious email, especially when they log on for the first time after the weekend.
Finally, ensure that you have effective and up to date back-ups. That way, if all else fails, you can recover your lost data.
Who can you call?
If you have been impacted by this malware, you should report it to the National Computer Emergency Response Team (CERT Australia).
+61 2 6141 2999
Hotline: 1300 172 499
or the Australian Cyber Security Centre
1300 292 371