The Australian Cyber Security Centre (ACSC) is aware of a global Domain Name System (DNS) infrastructure hijacking campaign and urges organisations to protect their systems.
'We encourage administrators to follow best practices, including our Essential Eight mitigation strategies, to better safeguard their systems,' said Alastair MacGibbon, Head of the ACSC.
'While no single mitigation strategy is guaranteed to prevent cyber security incidents, ACSC recommends that organisations implement the eight essential mitigation strategies as a baseline,' he said.
'This baseline makes it much harder for cyber criminals to compromise systems.'
Using compromised credentials, cyber criminals can redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organisation's domain names, enabling person-in-the-middle attacks.