Prime Minister Scott Morrison announced details of the ongoing attack this morning, but he couldn’t say which nations was behind it or what their motivation was.

“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used,” Mr Morrison told reporters in Canberra.

“The Australian Government is aware of and alert to the threat of cyber attacks.”

Defence Minister Linda Reynolds said there is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication in Australia.

RELATED: Australia under attack by ‘state-based’ hacker

“This activity harms Australia’s national security and also our economic interests. It’s vital that all-Australian organisations are alert to this threat and take steps to protect their own networks,” she said.

She said all Australian organisations, who might be concerned about their vulnerability to sophisticated cyber compromise can take three simple steps to protect themselves.

Firstly, “patch” your internet devices as soon as possible by making sure that any web or email servers are fully updated with the latest software. “Patching” simply means updating with fixes or improvements to software.

Secondly, ensure you always use multi-factor authentication to secure your internet access, infrastructure and also your cloud-based platforms.

Thirdly, it’s important to become an Australian Cyber Security Centre (ACSC) partner to ensure you get the latest cyber threat advice to protect your organisation online.

Today, the Australian Cyber Security Centre and the Department of Home Affairs have published a very detailed technical advisory which is available at cyber.gov.au.

“This advisory provides all the necessary steps that Australian organisations must take to detect and also to mitigate this threat,” said Ms Reynolds. “The Australian Cyber Security Centre and the Department of Home Affairs 24/7 protect the Australian Government, Australian organisations and individuals.

She said the responsibility of keeping Australia safe from cyber attacks rest on everyone.

“Finally, can I remind all Australians that cyber security is a shared responsibility of us all. For further advice on how to protect yourself from cyber threats,” she said.

“I urge all Australians today to visit cyber.gov.au for all of the information you need to keep your organisation and your family safe online.”

The Australian Cyber Security Centre released technical guidance in late May outlining more than 50 types of attacks that have been increasingly used over the past year.

The tactics, techniques and procedures include the exploitation of remote access programs such as Pulse Connect Secure and Citrix, many of which have been used by people working from home during the coronavirus pandemic.

They include sending malware as an email attachment, using stolen credentials to access email accounts and stealing or encrypting data

Ransomware, where data is encrypted and money demanded in exchange for the decryption key has been used, as has activity designed to hide malware including clearing Windows event logs and deleting or changing timestamps on files

Mr Morrison said targets included all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.

In the past two months, large companies including beverage producers Lion, BlueScope, and logistics giant Toll Group have been targeted with ransomware multiple times

Originally published as How to protect yourself from the cyber attack on Australia