Australia’s cyber threat landscape
Annually, the Australian Cyber Security Centre produces a cyber threat report. With contributions from DIO, ACIC, AFP, ASIO, the Department of Home Affairs, and industry partners, the report offers an unclassified account of the main cyber threats affecting people and businesses in Australia.
What's the problem?
Phishing and spearphishing remain the most common methods used by cyber criminals to harvest personal information or user credentials. This allows criminals to gain access to networks, distribute malicious content, lure people into taking certain actions or skim data.
Data on the full scale of cyber incidents is patchy as authorities rely on self-reporting by individuals and organisations. Most incidents are expected to go unreported which undermines adequate degrees of risk apprehension by business leaders.
Ransomware is one of the most significant threats affecting businesses. Recovering from ransomware is almost impossible without comprehensive backups, a (significant) period of downtime and potentially high recovery costs.
What’s the solution?
Individuals and businesses apply the fundamentals of basic cyber security practice; that’s a vital first step. Many of the initial approaches from cybercriminals can be warded off by, for instance, not responding to unsolicited emails and text messages, implementing multi-factor authentication and not providing an unknown third party with remote access to your computer network.
Follow guidelines from the ACSC and keep check of regular updates. The status of your website and email domains can be checked through .auCheck and should offer you a first line of defence, and an indicator of your cybersecurity posture.
Prepare for any eventualities. Think and document what your sensitive personal and business data is, where it is stored, how you can access it, and what steps you would take when your data is compromised or your systems have been affected by malware.
Check here for the full ACSC Cyber Threat Report for FY 2020-2021.