Strategies to Mitigate Targeted Cyber Intrusions
At least 85% of the targeted cyber intrusions that the Defence Signals Directorate (DSD) responds to could be prevented by following the Top 4 mitigation strategies listed in our Strategies to Mitigate Targeted Cyber Intrusions:
- use application whitelisting to help prevent malicious software and other unapproved programs from running
- patch applications such as PDF readers, Microsoft Office, Java, Flash Player and web browsers
- patch operating system vulnerabilities
- minimise the number of users with administrative privileges.
The Strategies to Mitigate Targeted Cyber Intrusions are ranked in order of overall effectiveness. Rankings are based on DSD’s analysis of reported security incidents and vulnerabilities detected by DSD in testing the security of Australian government networks.
As of April 2013, the Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for Australian Government agencies.
Additional information
Further advice
- Top 4 Strategies to Mitigate Targeted Cyber Intrusions Mandatory for Australian Government Agencies
- Top 4 Mitigation Strategies to Protect Your ICT System (HTML)
- Top 4 Mitigation Strategies to Protect Your ICT System (430K PDF)
- Catch, Patch and Match video and brochure
- Implementing the Top 4 in a Windows Environment (1.8Mb PDF)
- The DSD Top 4 Mitigations Against Cyber Intrusions: An Implementation Guide for Project Managers (1.4Mb PDF) (courtesy Microsoft Australia)
- Assessing Security Vulnerabilities and Patches (HTML)
- Assessing Security Vulnerabilities and Patches (470K PDF)
Examples
- Example Implementation of Sanitising PDF Email Attachments to Disable Malicious Content (external link)
- Example Implementation of Web Domain Whitelisting (external link)
Contacts
- Australian government customers with questions regarding this advice can contact DSD Advice and Assistance
- Australian businesses and other private sector organisations seeking further information should contact CERT Australia

