At the beginning of March, Microsoft detected a vulnerability in the Microsoft Exchange software. This vulnerability gives hackers the ability to access Australian data. The Australian Cyber Security Centre (ACSC) has released advice detailing the cyber security threat to Australian businesses and organisations, and links to how to patch vulnerable versions of Microsoft Exchange. However, many Australian businesses have not yet installed the Microsoft patch and this is the necessary software update to protect themselves from potential compromise.
Assistant Minister for Defence Andrew Hastie urged all Australian organisations to visit www.cyber.gov.au for information on this vulnerability and the steps required to address this threat.
“The Morrison government’s first priority is to keep Australians safe, including when online, and it is vital that small businesses and organisations take the necessary steps to protect themselves from this vulnerability,” Hastie said. “My first priority is to keep Australians safe in both the physical world and online, and to do this I need everyone to listen to these warnings, and follow the advice of the ACSC and strengthen our cyber defences. If you use Microsoft Exchange it is critical that you move fast to shut this potential threat down.”
Cyber security is a team effort and a shared responsibility. It is vital that Australian businesses and organisations are alert to this threat and take the additional steps outlined by the ACSC and Microsoft to strengthen the resilience of their networks. By not patching, Australians are leaving their door open for criminals to exploit their computer systems.
While this vulnerability is new, these kinds of threats are not. Last financial year, the Australian Signals Directorate and the Australian Cyber Security Centre received over 60,000 cybercrime reports. That is one every 10 minutes. For all cyber security advice and guidance, including tips for how to stay secure online, visit www.cyber.gov.au or call 1300 CYBER1 (1300 292 371).