Insurance experts and Australia’s defence department are urging businesses to check their cyber security measures are up to date after Prime Minister Scott Morrison warned last week that organisations are being targeted by a “sophisticated state-based cyber actor”.

The warning made headlines around the world, with Mr Morrison saying the activity was targeting all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.

Law firm Clyde & Co, which has a dedicated cyber incident response practice, says all organisations should pass on the warning to their IT team or managed service provider for action.

The Australian Cyber Security Centre (ACSC) also warned organisations to take immediate steps to enhance the resilience of their networks. The attack is targeting public-facing infrastructure, particularly through vulnerabilities in unpatched versions of Telerik UI, Microsoft Internet Information Services, 2019 SharePoint and 2019 Citrix.

There is also evidence the actor – which multiple sources have identified as China – is utilising “spearphishing" techniques, including sending links to harvest websites, malicious files and luring via click-through events.

Defence Minister Linda Reynolds says organisations should patch their internet-facing devices promptly, ensuring that any web or email servers are fully updated with the latest software. They should also always use multifactor authentication to secure internet access, infrastructure and cloud-based platforms.

The ACSC and the Department of Home Affairs have published a detailed technical advisory available here.

“Businesses should ensure their anti-virus software and backups are all up to date and educate employees to watch for phishing emails,” Emergence Insurance told its LinkedIn followers.