‘Hacking tools that provide a variety of functions are widely and freely available for use by everyone from skilled penetration testers, state actors and organised criminals, through to amateur hackers,’ Alastair MacGibbon, Head of the Australian Cyber Security Centre said.
The tools detailed in this report are utilised after a system has been compromised to enable an actor to further their objectives within a network.
Experience from the authors shows that while cyber actors continue to develop their capabilities, they are not abandoning common or established Tools, Techniques and Procedures (TTPs).
Even more sophisticated groups will use publicly available tools and take advantage of basic security flaws to achieve their objectives.
‘These tools continue to be used to compromise information across a wide range of critical sectors, including health, finance, government and defence,’ Mr MacGibbon said.
‘The tools mentioned in this report have been widely observed as having continued negative impact, which can be mitigated if good security practices are followed.’
The report provides tangible and practical advice to enable cyber security practitioners to improve their cyber security posture.