The Australian Signals Directorate has issued a critical alert: attackers are running a large-scale, AI-accelerated campaign against website content management systems — and many small Australian businesses are already compromised. Keeping a practice website patched, monitored and secure is now a real obligation, and it sits outside your hosting. SENTRY is the Medlink Connect service that takes it on.
01 · What's happening
On 9 July 2026, the ASD's Australian Cyber Security Centre issued a rare Critical Alert — Act Now. Attackers are scanning the internet at scale for vulnerable content management systems and planting webshells — hidden backdoors that hand them remote control of the web server.
Once a site is compromised, the alert warns, they use it to deface or disrupt the website, capture data entered by your website's users, serve malware and scams to your own visitors, and use that foothold as a pathway deeper into your network. The exploited vulnerabilities span dozens of common WordPress plugins and CMS platforms — the everyday building blocks of ordinary business websites.
The critical shift is speed. A newly-disclosed flaw is now exploited in hours, not weeks — and a "we'll update it next month" cycle can't keep pace.
02 · The gap you may not know exists
We host your website on secure, backed-up infrastructure. But hosting has never included the ongoing security maintenance of the website software itself — and that distinction matters more now than it ever has. Here's exactly where the line sits.
Keeping the site online, on our infrastructure
Keeping the site safe, at the software layer
03 · Why it matters for your practice
Your website carries your practice details, appointment and new-patient forms, and often collects information directly from patients. If it's compromised, the consequences aren't abstract.
Attackers can capture what patients enter, deface your public face, quietly serve scams and malware to the people who trust you, or use the site as a stepping stone toward your wider systems. Beyond the operational damage, an unmanaged, known-vulnerable public website is difficult to reconcile with a practice's information-security obligations.
SENTRY's monthly report is designed to serve as ready-made evidence for your accreditation file.
04 · Introducing the service
A single monthly service that takes full ownership of your website's security — continuously monitored and patched, hardened against attack, backed up, and reported on in plain English. It's driven by an AI-assisted monitoring platform, with our engineers making the judgement calls and doing the remediation.
SENTRY guards your website. ThreatIQ trains your team. Together they close both sides of the ACSC's warning — the technical layer and the human layer — under one RACGP-aligned Medlink Connect umbrella.
A managed web application firewall and content-delivery layer filters malicious traffic before it reaches your site, plus continuous malware and webshell scanning.
Core, plugin and theme updates monitored, tested and applied — with actively-exploited vulnerabilities prioritised and patched fast, not left for a monthly cycle.
Round-the-clock monitoring with AI anomaly detection, watching for the file changes and suspicious requests that signal an attack in progress.
Multi-factor authentication, brute-force protection and login lockdown, so a stolen or guessed password isn't enough to get in.
SSL/TLS kept valid and correctly configured, with security headers checked and maintained to modern standards.
Scheduled scans of your site and its components against live vulnerability feeds — so weaknesses are found on our watch, not the attacker's.
Daily immutable backups plus air-gapped disaster-recovery copies, with test-restores verified — so a clean, known-good version is always ready.
When a national alert like the ACSC's lands, we cross-reference it against your exact stack and tell you — in plain English — whether you're affected and what we've done.
If something does get through, we isolate, clean and restore — and give you a clear account of what happened and how it's been closed.
05 · What you receive every month
You shouldn't have to take security on faith. Every month you get a plain-English report showing exactly what we did, what we caught, and where you stand — the kind of documentation a surveyor is looking for.
06 · Why AI-driven
The ACSC alert is explicit: AI is accelerating the speed and scale of these attacks. A defence that runs at human pace — checking each site by hand every few weeks — was never going to keep up. SENTRY is built to move at the same tempo as the threat.
AI keeps every client's site under constant watch at once — not on a rotation, and not only when someone remembers to look.
The moment a vulnerability is disclosed, it's cross-referenced against your specific plugins and versions — so we know instantly whether it affects you.
By triaging automatically, we cut the gap between a flaw becoming public and your site being protected from weeks to hours.
AI does the tireless watching and triage. Our engineers make the calls, test the fixes and handle remediation. A force-multiplier — not a black box.
07 · Plans & pricing
One predictable monthly fee. No long lock-in — just continuous protection and a report each month. Prices are per website; multi-site practices and groups are covered under the Group plan.
08 · Our recommendation
Given the current ASD ACSC critical alert and your obligations under RACGP Criterion C6.4, leaving a public CMS website unmanaged is a risk we don't think any practice should carry. For most of our clients, the Practice plan is the right fit.
For practices that don't need a full content management system, there's an even stronger option: we can remove the risk at its source by rebuilding your site on a hardened, static platform with no plugins to exploit — the same approach we've taken with our own sites. We're happy to advise on what suits you.
09 · Getting started
We'll scan your current site, check it against the vulnerabilities named in the ACSC alert, and give you a plain-English picture of where you stand — with no obligation.
We scan your live site and report what we find, including any exposure to the current campaign.
We clean up anything outstanding, harden the site, verify backups and set your baseline.
Ongoing monitoring, patching and protection — with a clear report in your inbox every month.