Tuesday, 26 January 2021 22:21

ASIC sic'd by sickening cyber security incident

0
Shares
By

On the 25th of January, ten days after ASIC became aware of a cyber security incident affecting a server used by ASIC, the world was notified of the ASIC hack attack.

ASIC is the Australian Security and Investments Commission, and on Monday of this week it reported a cyber security incident.

The government organisation reports the incident is "related to Accellion software used by ASIC to transfer files and attachments."

We are told that it "involved unauthorised access to a server which contained documents associated with recent Australian credit licence applications".

ASIC reports that "while the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor. At this time ASIC has not seen evidence that any Australian credit licence application forms or any attachments were opened or downloaded."

So, what is ASIC's response?

The organisation reports that, "as a precaution, and to protect information and systems, ASIC has disabled access to the affected server. ASIC is working on alternative arrangements for submitting credit application attachments which will be implemented shortly. No other ASIC technology infrastructure has been impacted or breached.

"ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident.

"ASIC’s IT team and cyber security advisers engaged by ASIC are undertaking a detailed forensic investigation and working to bring systems back online safely."

Acronis Cybersecurity Analyst Topher Tebow provided the following two questions and answers as commentary:

Q 1. The ACSC (Australia Cyber Security Centre) has warned businesses about the Accellion vulnerability that caused another breach lately – do you think more could've been done to prevent the second breach?

A. Tebow said: "With a warning going out just recently, it is unlikely that much more could have been done to avoid this breach.

"However, changes to the monitoring within the organisation could have alerted ASIC sooner, while more regular pentesting could have made them aware of the weakness – but considering those measures take a certain level of expertise to be done properly, this breach could have happened despite taking additional measures."

Q 2. Cybersecurity is always about finding balance between having sufficient protection suited for your threat landscape, and being able to operate and do business freely, without restrictions.

What do you believe to be the cause of the breach being allowed to happen? Are you surprised to see a large corporate entity slip up like that?

A. Tebow elaborated: "Based on the information on hand, this appears to be a vulnerability in a file transfer system (like Dropbox or similar), likely a third-party vulnerability in systems that the organisation didn't have direct access to audit.

"This isn't exactly a supply chain attack, but this time it was out of control of any affected organisations. The one thing to be done now is to work with the software providers to analyse the situation, fix the vulnerability and avoid it in the future."


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Published in Security
Tagged under
Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Latest from Alex Zaharov-Reutt

Related items

More in this category: « PoC exploit available for SAP Solution Manager flaw
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top