Earlier this week, that a highly sophisticated actor had accessed their network and taken a copy of their Red Team’s tools. Red Team tools are often used by cyber security organisations to evaluate the security of networks. These same tools could be used to gain unauthorised access to victim networks.
The ACSC is working closely with FireEye and other intelligence partners to understand the risks facing Australian systems. To date there is no evidence these tools have been used against Australians.
FireEye have provided a to detect whether these tools may have been used against a network. All techniques listed as being used by FireEye are publicly known vulnerabilities. Ensuring an effective patching strategy, focusing on internet-facing systems, is the most effective mitigation against these tools. We recommend organisations follow advice provided in existing ACSC publications such as and ASD’s .
