Overview
The Australian Cyber Security Centre (ACSC) investigated and responded to numerous cyber security incidents during 2019 and 2020 so far. This advisory provides a summary of notable tactics, techniques and procedures (TTPs) exploited by Advanced Persistent Threats (APT) and cybercriminals identified during the ACSC’s investigations. These TTPs are summarised practically in the framework of tactics and techniques provided by MITRE ATT&CK1 . This technical guidance is provided for IT security professionals at public and private sector organisations.
Recommended mitigations
Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs. Detection of related findings should be reported to the ACSC.
The ACSC strongly recommends implementing ASD’s Essential Eight. A review of investigations performed by the ACSC has shown that implementation of ASD’s Essential Eight on victim networks would substantially reduce the risk of compromise by the adversary TTPs identified in this advisory.