A cyber security expert is warning Australian NFPs to brace themselves for huge disruption as the toll of the world’s biggest ever cyber breach is still yet to be realised.
Described by some tech experts as the biggest cyber breach in history, the ‘Apache Log4j’ issue which first reared its head in December is yet to reveal the depth of destruction it will cause to Australian infrastructure.
The ‘Apache Log4j’ issue first reared its head in December of last year. The open-source Java-logging library showed multiple vulnerabilities that could be exploited by a remote attacker to control Java-based web servers and launch remote-code execution attacks.
One cyber security specialist is advising organisations to be as proactive as possible in finding out whether or not they have been compromised to prevent ransomware attacks and other malicious hacks
Many organisations may unknowingly have been hacked already. The modern tactic employed by most hackers is to work as quietly and discreetly as possible, burrowing deep into files, servers, emails and collecting key data before stinging an organisation for a ransom.
Many in the community and NFP sector are already at risk due to under-funded weaker systems, despite protecting the data of some of the most vulnerable members of society.
Initial steps organisations can take include:
- Enable reporting of suspicious behaviour – Google Mail, 365 and others have this feature available to highlight log-ins and activity from other locations
- Ask for help – get a fresh pair of eyes to review your network
- Conduct surveys – Survey similar organisations in your sector to see if they have noticed anything suspicious
- Use tracking softwares – Consider using a software to track recent activity and patterns
- Create a collective defence – pooling resources with like-minded organisations can create a broader, stronger network where you can share knowledge and work together to protect your sector