At times like these, the media has to be vigilant not to pump up the threat; hence, none of these firms got a run.
But this evening, I found that there was one company that was worthy of mention: the email security provider Mimecast.
Morrison admits it's an ongoing thing. No one event or instance. Leading to the question, why the gravity and blue room announcement?— Josh Taylor (@joshgnosis) June 18, 2020
In a short note sent to me, the company said it had conducted a grid signal and trend analysis that showed "there wasn’t a specific attack campaign – but rather that the frequency of broad attacks from a particular state-based actor has increased. This is an acknowledgement of what we have been raising awareness about for some time".
Mimecast said in its statement: "Following the Australian Government’s announcement this morning of an alleged state-sponsored cyber-attack, Mimecast’s Threat Intelligence Team conducted a grid signal and trend analysis that did not reveal any of the email-related indicators of compromise published by the ACSC."
Imagine if Scott Morrison has to announce an ACTUAL cyberattack. He’s just blown a lot of trust on nothing.— Rhys Muldoon (@rhysam) June 19, 2020
The company also quoted from its latest Threat Intelligence Report where it stated: “Australia suffered a significant increase in cyber attacks against a wide range of industries – notably education, government, transportation, and manufacturing. Given the repeated nature of the threats and the resource and effort behind them, it is almost certain the threat actors involved represent an organised and determined criminal or state-sponsored threat.”
This report was produced in time for the RSA Conference of 2020 which did not take place due to the pandemic; it was conducted online.
The report further said: “These attacks were likely intended to impact or exfiltrate research and other intellectual property, but may also have been intended to monitor student activities or behaviour – especially since Australia is becoming a key investment area for Asian businesses over the US, making it highly likely the future threat landscape will be negatively impacted in terms of the volume and complexity of such threats and attacks.
"The region is also strategically key to US and Asian interests and is likely to suffer increased targeting as a consequence of this importance.”
Given the inclination of the security industry to leap upon false alarms of this kind and hype up the fear, it is heartening to see one company bucking the trend and introducing a note of sobriety and realism.
Mimecast added in its short note: "In light of this, we envisage solutions hosted onshore and owned by companies in [the] Five Eyes community of countries will be viewed favourably moving forward.
"It is reassuring to see that cyber security is increasing in priority and that the government is encouraging both the public and private sectors to build resilience and take security more seriously than they have to date. Mimecast looks forward to further collaboration on threat intelligence between government and the states through the Joint Cyber Security Centre program."