While small businesses were the target of the attack on Microsoft’s email software earlier this year, months later, 75,000 systems are yet to have the vulnerability fixed. There are still around 1700 organisations in Australia that remain unprotected. Cyber Security company Internet 2.0 has launched a public awareness campaign to ensure that all Australian organisations implement the Microsoft security updates immediately, given the severity of this attack.
Organisations can access this here.
Earlier this year, State-sponsored actors perpetrated many attacks targeting Microsoft customers, impacting email systems globally. Months later, over 75,000 systems are yet to have the vulnerability fixed.
Microsoft released security updates to protect customers and strongly encouraged everyone to apply the updates immediately. This was followed by a public campaign by US Cyber Command and the Australian Centre for Cyber Security to encourage all organisations to apply the patch. Most customers did so.
Around 1700 public and private sector organisations in Australia remain vulnerable several months after Microsoft sounded the alarm and the patch was released. These include three local Council networks, universities, schools, financial institutions, not-for-profits and law firms.
“Internet 2.0 has launched a public awareness initiative to assist those whose cyber security protections are not what they should be. Given the severity of this vulnerability, we have gone one step further and provided any organisation concerned about their exposure with a mechanism to check their risk,” says Chris Lawley, Internet 2.0’s Chief Commercial Officer.
The past 18 months have made clear to all Australians the impact viral attacks can have. This is no different.
“Every Australian business must make sure their patches are up-to-date. You’re letting the country down if you don’t,” says Internet 2.0 Advisory Board member and former SA Government Minister for Innovation, the Hon. Tom Kenyon.
We are also conscious that the impact is not felt equally across an economy. “This vulnerability impacts people who don’t have access to the sophisticated cybersecurity talent that exists in the market, and it has fallen especially heavily on the developing world,” says Managing Director of Internet 2.0 Partner Astrolab and former PNG government official.
Organisations that remain exposed leave themselves vulnerable to ransomware attacks that then have a material impact on their operations, protection of customer information, and ultimately profitability.
Internet 2.0 Advisory Board Member Maria MacNamara says: “Between 2019 and 2020, there has been a 62% increase in ransomware. It is incumbent upon leaders of every organisation and their boards to satisfy themselves that their systems are secure. One way to mitigate the risk of ransomware attacks is for leaders to be aware of the significant attacks and satisfy themselves that their organisations have responded. A policy of patch early is critical.”
- New Nation Cyber Attacks – notification by Microsoft
- Microsoft updates – available here
- Public Awareness Project – available here