• Bradley Sing

    Bradley Sing is currently Technical Consultant at Mimecast where he has been since November 2016. Bradley has been working in the technology industry for almost four years and draws on his previous experience to help align customer business needs with the technical solutions that Mimecast provides, which ranges from product demonstrations to help documenting processes and aspects of products. Prior to his role at Mimecast, Bradley worked across the web hosting & domain name industry in Australia, working for Melbourne-based web hosting startup Hosting Australia and previously Melbourne IT Group.

    Comments:0

    Add comment
Bradley Sing

This month in security: March 2021

Content

Australian corporations hit by massive Microsoft Server hack 

The ACSC confirmed that Australian organisations, which could include over 7000 servers locally, had been affected by the hack. 
 
Perspective 
the ACSC raised a warning to Aussie corporations using Microsoft Exchange services to urgently patch their software after it was compromised by hackers earlier this month. The Cyberattacks on Microsoft’s Exchange servers have affected countless organisations across the world, including many in Australia. While Microsoft initially attributed the attacks to a Chinese hacking group known as Hafnium, other cybercrime groups had also jumped on the hacking bandwagon before the patches could be released. Microsoft has published a blog post explaining how to patch the product to protect it from the hack, so if you’re using MS Exchange services in any shape or form, best to get those patches installed ASAP. 

 

Disruptions at hospitals in eastern Melbourne in wake of suspected cyberattack 

Box Hill, Maroondah, Healesville and Angliss hospitals dealt with IT disruptions after some of their computer networks were taken offline. 
 
Perspective 
The attack seems to have been targeted at Eastern Health, a related health organisation that also runs day hospitals and community health services, including Yarra Ranges Health, Yarra Valley Health, Wantirna Health and the Peter James Centre in Burwood East. Some elective surgeries had to be postponed or suspended while the incident was resolved. We’ve talked before about how vulnerable our healthcare sector is, and the situation is getting more serious as cyberattacks continue to scale up. 
 

 

Ex-contractor accessed VIC government’s IT system 260 times a year after leaving

 A former caseworker was able to access confidential information for months after leaving their role. 

Perspective 
report from The Office of the Victorian Information Commissioner (OVIC) revealed a data breach at the former Department of Health and Human Services (DHHS), in which a former employee of a contracted service provider (CSP) continued to have unauthorised access to client information long after their departure from their role. The security lapse was attributed to human error and gaps in the deprovisioning process in the system. The CSP in question has upgraded its security measures and the DHHS (now the DFFH) is on schedule to complete all the specified security actions required. 

 

Airline travellers warned about data breach 

Customers of Air New Zealand and Singapore Airlines may have been affected by a breach

Perspective 
The breach was confirmed by SITA on February 24 with the public notified on March 4. Air New Zealand told its customers the compromised data was limited to their “names, tier status and membership numbers”, and did not include any passwords, credit card information or other personal consumer data. Malaysia Airlines also dealt with a separate data breach incident, which exposed the personal information of members in its frequent flyer program, some of which dates as far back as nine years. COVID may be keeping us from travelling, but that hasn’t stopped attackers from trying to get into our frequent flier miles. 

 

Multinational dairy giant Lactalis targeted by cyberattack

The French dairy group Lactalis was targeted by hackers earlier this month, but claimed that there was no evidence of a data breach. 

Perspective 
Lactalis, one of the world’s leading dairy groups, operates across 51 countries and also has a presence in Australia through their Oak, Ice Break and Galbani brands of dairy products. The company said a malicious third party attempted to breach its computer network, but it managed to contain the attack. Don’t risk getting milked by attackers. Review your cybersecurity before things go sour. (Okay, I'll stop with the milk-based puns now.) 

 

Acer reportedly hit with ransomware attack, hackers demand $50 million

The attack looks to be the work of the REvil group that hit Travelex last year. 

Perspective 
It looks like the famed Microsoft Exchange incident has impacted Taiwanese computer manufactuer Acer as well, with reports suggesting they’ve been hit by a ransomware attack and a $50 million ransom. Being a technology company, Acer is no stranger to cyberattacks and is currently investigating the incident.  

Technical Consultant, Mimecast

Bradley Sing is currently Technical Consultant at Mimecast where he has been since November 2016. Bradley has been working in the technology industry for almost four years and draws on his previous experience to help align customer business needs with the technical solutions that Mimecast provides, which ranges from product demonstrations to help documenting processes and aspects of products. Prior to his role at Mimecast, Bradley worked across the web hosting & domain name industry in Australia, working for Melbourne-based web hosting startup Hosting Australia and previously Melbourne IT Group.

Stay safe and secure with latest information and news on threats.
User Name
Bradley Sing