In collaboration with international partners, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has released a new joint advisory on the People’s Republic of China (PRC) state-sponsored cyber group, APT40, and the current threat it poses to Australian networks.
APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets. The group uses compromised devices, including small-office/home-office (SOHO) devices, to launch attacks that blend in with legitimate traffic, challenging network defenders.
APT40 continues to find success exploiting vulnerabilities in end-of-life or no-longer-maintained devices on networks of interest, and in systems that are poorly maintained and unpatched.
Organisations are encouraged to implement the ASD Essential Eight mitigation strategies, as well as relevant additional mitigations from our Strategies to Mitigate Cyber Security Incidents guidance.
To find out more about APT40, read the full advisory here.