Story image

ACSC: Australia under 'undeniable, unrelenting' cyber threat

29 Jul 2015

Australian organisations face ‘undeniable, unrelenting’ cyber threats that continue to grow according to the Australian Cyber Security Centre’s first ever unclassified cyber security threat report.

“If an organisation is connected to the internet, it is vulnerable,” the report states. “The incidents in the public eye are just the tip of the iceberg.”

The report urges Australia to be vigilant and proactive in its approach to cyber security, investing resources to meet the challenges of a complex cyber environment, and says compromise is expensive.

“It can include financial losses, damage to reputation, loss of intellectual property and disruption to business,” the Australian Cyber Security Centre (ACSC) 2015 Threat Report says.

“Australia cannot afford this.”

Clive Lines, Australian Cyber Security Centre co-ordinator, says the report provides an overarching view of cyber adversaries, what they want and how they go about getting it.

The report was compiled from information contributed by all ACSC partner agencies - including the Australian Crime Commission, Federal Police, the Australian Security Intelligence Organisation and the Defence Intelligence Organisation - and is tailored to provide information for Australian organisations about the threats they face from cyber espionage, cyber attacks and cyber crime.

It also includes mitigation and remediation information to help organisations prevent, and respond to, threats.

The report says the number, type and sophistication of cyber threats to Australia are increasing.

“Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries,” ACSC says.

It says attempts to compromise government, business and other networks of national importance ‘are regularly identified by, or reported to, the ACSC’.

ASD reported a 20% year on year increase in cyber security incident responses in 2014, with ASD predominantly focused on incidents involving Government networks and other networks of national importance.

When it come to the type of attacks Australian organisations are facing, the report says malware, including ransomware, is the predominant cybercrime threat in Australia.

Between 17 October 2014 and 14 January 2015 the Australian Internet Security Initiative program reported more than 15,000 malware compromises daily to Australian internet service providers for them to action.

Zeus, ZeroAccess and Conficker were the three most frequently detected malware variants on Australian IP ranges.

The report notes that spear phishing remained ‘a prevalent method used to target Australian organisations in cyber intrusions during 2014’, with increasing sophistication of the emails making them more difficult to detect.

The use of watering hole techniques continues to grow, with CERT Australia handling more than 8100 incidents involving compromised websites in 2014.

And while DDoS reports remained steady, ACSC says a growing trend is DDoS extortion, where adversaries threaten to launch DDoS activity against an organisation unless a fee is paid.

“These threats can be accompanied by a small-scale DDoS to demonstrate intent.”

The report includes a range of mitigation advice for each of the attack types, and says the Australian Signals Directorate’s top four strategies can prevent at least 85% of targeted cyber intrusions the ASD responds to.

Those strategies are using application whitelisting to help prevent malickious software and unapproved programs from running; patching applications such as Java, PDF views, Flash, web browsers and Microsoft Office; patching operating system vulnerabilities; and restricting administrative privileges to operating systems and applications based on user duties.

“Organisations must move now to implement cyber security measures to make Australia a harder target, increase the confidence of Australians when they are online and maximise the benefits of the internet for Australian organisations,” ACSC says.

“Ultimately, this will see organisations and their users taking greater responsibility for the security of their networks and information,” the report notes.

Cryptomining apps discovered on Microsoft’s app store
It is believed that the eight apps were likely developed by the same person or group.
A multi-cloud approach - what is in it for me?
OVH CEO Michel Paulin explains the benefits of a multi-cloud approach to an organisations digitalisation and what to consider before implementation.
IDC: Top 10 trends for Australia’s digital transformation
The CDO title is declining, 35% of us will be working with bots, the Net Promoter Score will be key to success, and more.
Why the IT service integration market is becoming highly automated
"The SIAM market is not large, but it is one of the fundamental pillars of every digital transformation strategy."
Intel and Rakuten partner to address 5G network gap
“We believe this full end-to-end virtualised network will help us to shift away from reliance on dedicated hardware and legacy infrastructure.”
Exclusive: How Australian businesses can foster customer loyalty with CX
From boardrooms to meeting rooms, there’s an overwhelming recognition of the importance of CX, particularly when it comes to building customer loyalty.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
HCL and IBM collaborate to encourage global hybrid cloud uptake
HCL announced a collaboration with IBM designed to help advance the hybrid cloud journeys of organisations worldwide.