How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises

How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises In conjunction with an announcement by the Australian Prime Minster, Scott Morrison, on National Television, the Australian Cyber Security Centre (ACSC) recently published an advisory (Advisory 2020-008: Copy-paste compromises) giving the MITRE Tactics, Techniques and Procedures (TTPs) used against multiple Australian organisations seen in recent campaigns by a sophisticated threat actor.   The title “Copy-paste compromises” is derived from the actor’s heavy use of tools copied almost identically from open source. One of the ACSC recommendation is that:   “It is imperative that Australian organisations are alert to this threat and take steps to enhance the resilience of their networks.”   And while the Advisory also recommends the following:   Prompt patching of internet-facing software, operating systems and devices Use of multi-factor authentication across all remote access services Implementing the remainder of the