It has been reported that the Australian Signals Directorate (ASD) was alerted by a “partner organisation” that an attacker had gained access to the network of a 50-person aerospace engineering firm that subcontracts to the Department of Defence. The attack was said to have happened in November 2016.
Commenting on the news is Javvad Malik, security advocate at AlienVault, who said:
This incident highlights fundamental security errors. Leaving internet-facing devices exposed with default credentials is a guaranteed way to be compromised quickly.
Furthermore, the lack of any threat detection capabilities missed the attack coming in and exfiltrating a large amount of data.
While many enterprises may sometimes worry about advanced attacks, more often than not, tightening up security fundamentals, changing default credentials, managing assets, and monitoring for intrusions and threats is sufficient to deter or detect the majority of attacks.