(1300 292 371)
Guidelines for System Hardening
This chapter of the ISM provides guidance on system hardening.
Hardening Linux Workstations and Servers
This publication has been developed to assist organisations understand how to harden Linux workstations and servers, including by applying the Essential Eight from the Australian Cyber Security Centre (ACSC)’s Strategies to Mitigate Cyber Security Incidents.
Hardening Microsoft Windows 10 version 21H1 Workstations
Workstations are often targeted by an adversary using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening workstations is an important part of reducing this risk. This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10 version 21H1.
Hardening Microsoft 365, Office 2021, Office 2019 and Office 2016
Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.
System Hardening Guidance
This page lists the ACSC’s publications that provide hardening guidance for systems, including operating systems, applications, workstations and servers.
Email Hardening Guidance
This page lists the ACSC’s publications on the protection of message exchange via electronic mail.
Web Hardening Guidance
This page lists the ACSC’s publications on the protection of services that can be accessed via the World Wide Web.
The process of securing a system by reducing its surface of vulnerability.
Implementing Multi-Factor Authentication
Multi-factor authentication is one of the most effective controls an organisation can implement to prevent an adversary from gaining access to a device or network and accessing sensitive information. When implemented correctly, multi-factor authentication can make it significantly more difficult for an adversary to steal legitimate credentials to facilitate further malicious activities on a network. Due to its effectiveness, multi-factor authentication is one of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents.
Guidelines for Enterprise Mobility
This chapter of the ISM provides guidance on enterprise mobility.
Essential Eight Maturity Model FAQ
The Essential Eight Maturity Model provides advice on how to implement the Essential Eight to mitigate different levels of adversary tradecraft and targeting.
Essential Eight Maturity Model
Guidelines for Database Systems
This chapter of the ISM provides guidance on database systems.
Strategies to Mitigate Cyber Security Incidents
The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to help cyber security professionals in all organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.
Strategies to Mitigate Cyber Security Incidents – Mitigation Details
Guidelines for Communications Systems
This chapter of the ISM provides guidance on communications systems.
Securing PowerShell in the Enterprise
This publication describes a maturity framework for PowerShell in a way that balances the security and business requirements of organisations. This maturity framework will enable organisations to take incremental steps towards securing PowerShell across their environment.
Guidelines for System Monitoring
This chapter of the ISM provides guidance on system monitoring.
The Commonwealth Cyber Security Posture in 2020
Reports and statistics
The Commonwealth Cyber Security Posture in 2020 report informs the Parliament of the status of the Commonwealth’s cyber security posture. Overall, the report found that Commonwealth entities continued to improve their cyber security in 2020. Ongoing effort is required to maintain the currency and effectiveness of cyber security measures.
Securing Content Management Systems
Security vulnerabilities within content management systems (CMS) installed on web servers of organisations are often exploited by adversaries. Once a CMS has been compromised, the web server can be used as infrastructure to facilitate targeted intrusion attempts.
Domain Name System Security for Domain Resolvers
This publication provides information on Domain Name System (DNS) security for recursive resolution servers, as well as mitigation strategies to reduce the risk of DNS resolver subversion or compromise. Organisations should implement the mitigation strategies in this publication to improve the security of their DNS infrastructure.
Domain Name System Security for Domain Owners
This publication provides information on Domain Name System (DNS) security for domain owners, as well as mitigation strategies to reduce the risk of misuse of domains and associated resources. Organisations are recommended to implement the mitigation strategies in this publication to improve the security of their DNS infrastructure.
Privileged access allows administrators to perform their duties such as establishing and making changes to key servers, networking devices, user workstations and user accounts. Privileged access or credentials are often seen as the ‘keys to the kingdom’ as they allow the bearers to have access and control over many different assets within a network. This publication provides guidance on how to implement secure administration techniques.
Security Configuration Guide – Apple iOS 14 Devices
The ACSC has developed this guide to assist Australian’s to understand the risks of deploying iOS 14 and the security requirements that need to be met to allow iOS 14 to handle sensitive or classified data.
Security measures that are applied within a network and require limited human interaction. Passive defence includes logging and monitoring mechanisms, and implementation of tools and processes to harden networks including firewalls, application hardening, patching procedures and antivirus software.
Security Configuration Guide – Samsung Galaxy S10, S20 and Note 20 Devices
The ACSC has developed this guide to assist Australian’s to understand the risks when deploying Samsung Galaxy S10 and S20 devices.
Fundamentals of Cross Domain Solutions
This guidance introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains. It explains the purpose of a Cross Domain Solution (CDS) and promotes a data-centric approach to a CDS system implementation based on architectural principles and risk management. This guidance also covers a broad range of fundamental concepts relating to a CDS, which should be accessible to readers who have some familiarity with the field of cyber security. Organisations with complex information sharing requirements are encouraged to refer to this guidance in the planning, analysis, design and implementation of CDS systems.
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia’s invasion of Ukraine has altered the geopolitical balance in ways that could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners.
Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks
The Australian Cyber Security Centre (ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.
Windows Event Logging and Forwarding
A common theme identified by the Australian Cyber Security Centre (ACSC) while performing investigations is that organisations have insufficient visibility of activity occurring on their workstations and servers. Good visibility of what is happening in an organisation’s environment is essential for conducting an effective investigation. It also aids incident response efforts by providing critical insights into the events relating to a cyber security incident and reduces the overall cost of responding to them.
1300 CYBER1(1300 292 371)