Increased cyber threat activity targeting Snowflake customers

Release date
01 June 2024
Alert rating
High

Description

The ASD’s ACSC is aware of increased cyber threat activity regarding Snowflake customers.

Audience

Small & medium businessesOrganisations & Critical InfrastructureGovernment

Current update

The ASD’s ACSC is aware of increased cyber threat activity regarding Snowflake customers.

Background / What has happened?

  • The ASD’s ACSC is tracking increased cyber threat activity relating to Snowflake customer environments.
  • The ASD’s ACSC is aware of successful compromises of several companies utilising Snowflake environments.

Mitigation / How do I stay secure?

  • Australian organisations who utilise Snowflake should reset credentials for active accounts, disable non-active accounts, enable Multi-Factor Authentication (MFA), and review user activity.
  • Snowflake have published an advisory to assist in identifying instances of unauthorised access.

Assistance / Where can I go for help?

The ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).

TisaAssist bot
🤖 Hello, how can I assist you today?
I can help you with:
✅ Answer questions related to the website.
✅ Help you understand things you don't know.
❓ What's Tisalabs
💻 What's IoT
🔒 Why sensor data must be protected?