- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- Change these 10 iOS settings right now to instantly get better iPhone battery life
- How to clear the cache on your Windows 11 PC (and why you shouldn't wait to do it)
- These Sony headphones deliver premium sound and comfort - without the premium price
- The LG soundbar I prefer for my home theater slaps with immersive audio - and it's not the newest model
Hackers Target Australian Defense Communications Platform With Ransomware
Threat actors have conducted a ransomware attack against a communications platform used by Australian military personnel and defense staff.
Named ForceNet, the company is one of the defense department’s external service providers employed to run one of its websites.
At the time of writing, it would appear that no data has been compromised, according to Assistant Minister For Defence Matt Thistlethwaite, who spoke with ABC Radio earlier today, as reported by Reuters.
Still, some private information like dates of birth and enlistment details of military personnel may have been stolen, reported the Australian Broadcasting Corp, citing an unnamed source with knowledge of the matter.
ForceNet has become the latest company hacked in Australia, following some of the biggest firms in the country suffering data breaches over the last couple of months.
These include telecoms giant Optus, owned by Singapore Telecommunications, and the country’s largest health insurer, Medibank.
“Another week, another breach. It seems like things are going from bad to worse down under,” Julia O’Toole, CEO of MyCena Security Solutions, told Infosecurity, commenting on the news.
“It is not clear how this latest incident occurred, but it raises further alarm bells at a time when the world’s eyes are already on the security of Australia.”
According to the security expert, the bad news trend is likely to continue until organizations take back control over their digital network access.
“In almost all security breaches, hackers don’t hack in; they log in. They steal credentials without any obstacles because employees make and control the digital keys (passwords) to access an organization’s network,” O’Toole explained.
“As long as these organizations continue to let their employees create their own keys to access their digital building and open all doors at the same time, there will be no respite.”
To tackle these vulnerabilities, organizations should take control of their access keys and improve their resilience.
“This can easily be done through access encryption and segmentation, where employees use encrypted credentials without the need to see, make or know any of them,” O’Toole concluded. “This would stop exposing organizations to human errors and effectively prevent network doors from being breached.”
For more information about how companies can defend against ransomware attacks, you can read this analysis by Steve Forbes, a government cybersecurity expert at Nominet.
