In one case by a matter of hours.


The Australian Cyber Security Centre helped federal, state and local government agencies avert compromise through a vulnerability in MobileIron mobile device management software last year.

The centre revealed the action it took to prevent widespread compromise in its 2020 cyber security posture report [pdf] to parliament on Thursday.

It was one of 14 “high-priority operational tasking activities” undertaken in response to potential cyber threats through its cyber hygiene improvements programs (CHIPs) last year.

CHIPs provide Commonwealth agencies with “data-driven and actionable information” to help guide and target their cyber security efforts.

ACSC said CHIPs “provide the ACSC with visibility of internet-facing websites across 187 Commonwealth entities”.

“CHIPs has visibility of, and is tracking, cyber hygiene indicators across 71,315 active Commonwealth government domains,” it said.

“This represents an increase in visibility of 54,297 active domains since February 2020 – an increase of approximately 320 percent.”

The ACSC added four major capabilities to CHIPs in 2020, including email encryption scanning, dominant website scanning and critical security vulnerability scanning.

In the case of MobileIron, the ACSC was able to “quickly identify internet-exposed and vulnerable… systems across Commonwealth, state and territory, and local governments”.

“The ACSC notified all government entities operating vulnerable devices of the device details, the critical vulnerability and the urgent need to patch or otherwise mitigate the risk,” it said.

“This timely and actionable information from the ACSC allowed some government entities to pre-empt adversary exploitation of their MobileIron devices, in one case by hours.”

Scans were also conducted on IP addresses to identify vulnerable F5 devices, compromised Microsoft Exchange servers and Microsoft Windows Domain Controller Zerologon vulnerabilities.

ACSC noted the speed in the exploitation of publicly reported vulnerabilities had increased during 2020.

“Both Citrix and MobileIron vulnerabilities had some of the fastest turnarounds for exploitation attempts by malicious actors in 2020,” it said.

“Reporting showed adversaries attempting to exploit these vulnerabilities within days of proof-of-concept codes being publicly released.”

The ACSC also more than quadrupled its visibility over federal government devices last year through its host-based sensor program.

It said the expansion of the program – which “collects telemetry from government devices” to improve the detection of intrusions – went from a pilot covering 10,000 devices to 40,000 devices.

“The expansion has provided the ACSC with improved visibility of Commonwealth entities’ ICT systems, enabling the ACSC to provide threat surface reports to participating [entities],” it said.

“These reports provide entities with insight into their cyber security posture, as well as targeted uplift advice, for those ICT systems enrolled in the program.

“In 2020, the ACSC produced 20 of these reports for participating Commonwealth entities.”

The ACSC also recently established the protective domain name system, which it describes as a “scalable cyber defence capability”.

“Under the pilot, the ACSC processed approximately 2 billion queries from eight Commonwealth entities over the period from April to December 2020 – and blocked 4683 unique malicious cyber threats, preventing over 150,000 threat events,” it said.

“In 2021–22, the capability will be offered to all Commonwealth entities.”

Cyber resilience remains “low”

The report also reiterates ongoing issues around compliance with the government’s mandatory cyber security controls, with only 33 percent of agencies reporting a ‘managing’ level of maturity for the Essential Eight controls in 2019-20.

An agency is considered to have achieved the ‘managing’ maturity level when it has implemented all of the Top Four cyber security controls and has considered the remaining four voluntary controls.

“Initial analysis from AGD’s 2019-20 PSPF maturity reporting shows that entities’ self-assessed implementation of the mandatory Top Four mitigation strategies remains at low levels across the Australian Government,” ACSC said.

The bulk of agencies (55 percent) reported having a ‘developing’ level of maturity, which means an agency’s implementation of the Top Four has been “substantial, but not fully effective”, while 11 percent reported having an ‘ad hoc’ level of maturity – the lowest possible score.

Only one percent of agencies achieved the highest rating under the maturity model, down from the two percent of agencies that reported an ‘embedded’ level of maturity in the 2018-19 reporting period.

Despite the results, the ASD said agencies were “still making positive progress in improving their cyber security culture”, citing particular improvements in governance, training and leadership engagement.

For instance, around 12 percent more entities are now “fully aligned with the [‘user application hardening’] mitigation strategy compared with 2019”, while 10.5 percent of entities have “progressed from mostly to fully aligned with the ‘application control’” strategy.

“In 2020, implementation of the Essential Eight across Commonwealth entities improved slightly in comparison with previous years,” ACSC said.

“More Commonwealth entities are taking steps to apply the baseline strategies and increase the maturity of their implementation.”

The ACSC also noted that 75 percent of agencies now include cyber resilience in their business continuity plans and have developed incident response plans, up from 51 percent in 2019.
