ACSC Has Released Its Annual Cyber Threat Report
A cybercrime is reported every eight minutes in Australia, with cybercriminals and other malicious online actors taking advantage of insufficient security measures and a significant number of people working remotely. The federal government’s latest cybercrime assessment shows the rise in cybercrime was due in large part to bad actors exploiting the pandemic and actively targeting vulnerable Australian individuals, families, and organisations, including health services.
In its second annual cyber threat report, the Australian Cyber Security Centre (ACSC) has revealed they received over 67,500 cybercrime reports during the last financial year, a 13 percent increase over the previous 12 months. Approximately one-quarter of cyber incidents reported to the ACSC last year impacted Australia’s critical infrastructure and essential services, including health, education, and communications.
Key Takeaways From The Annual Cyber Threat Report:
- Cyber security incidents in Australia increased by 13 per cent during the past financial year.
- The Australian Cyber Security Centre says bad actors are taking advantage of pandemic-related factors.
- It is believed that cybercrime has cost Australian businesses and individuals more than $33 billion over the past year.
- The report noted there was a 15 per cent increase in ransomware.
According to the report, “While the number of ransomware-related cybercrime reports is a relatively small proportion of the total number of cybercrime reports, ransomware remains the most serious cybercrime threat due to its high financial impact and disruptive impacts to victims and the wider community”.
The severity of reported cyber security incidents has significantly increased over the last year- a higher proportion of these incidents were categorised as ‘substantial’. The top reported cybercrime types were fraud, online shopping scams, and online banking scams – these types of cybercrime relied heavily on fear and uncertainty in the victims, which had been especially high during the early days of the pandemic.
- Ransomware is not going anywhere. One mistake can potentially paralyse your operations. The sudden rise in the availability of sophisticated and advanced tools, techniques, and procedures allows bad actors to take advantage of your business’s data.
- The reliance upon IT systems and the complexity of IT systems are making systems more vulnerable. Is your business’s data secure through every entry point and endpoint?
- There are so many IT networks and systems that are not properly configured, allowing malicious actors to bypass easy entry points. Your network and systems should be updated to ensure you are not allowing malicious actors to run rampant.
- Emails continue to be a weakness in any organisation due to the rapid increase in malicious emails, links, and downloads. If you want to implement better security measures for your organisation, you need to have some form of best practices. Debilitating things can happen with one click. Your employees should be fully aware of their surroundings, and they should be given the tools and technology to enable a more enhanced working experience.
What Is Your Defence Against Cybercrime?
Your best defence against cybercrime is a comprehensive cybersecurity strategy. You will need comprehensive cybersecurity software, applications, and policies on all your devices. This includes all the equipment used in a remote setting to access your servers and networks, as well as the equipment that is located within the walls of your organisation. Your organisation can implement endpoint protection that will act as a shield of armour for your organisation against cybercrime such as ransomware, viruses, malware, and other exploits – allowing you to prevent a complicated and expensive cyber attack.
However, as powerful as software, applications, and policies may be at protecting your organisation from malicious attacks by bad actors, these things cannot put an end to your employees revealing sensitive information in a phishing scam. A phishing scam involves tricking the victim into sharing sensitive and confidential information, such as financial details and personal information. These attacks are often cleverly disguised and designed to trick the victim. To avoid this, security awareness, education and training are crucial.
What Could This Mean For Your Organisation?
Andrew Hastie, the assistant minister for Defence, stated that cyber is the new battlefront. Hastie added that it will be a team effort and that everyone must share the responsibility if the nation is going to improve our cyber defence. Everyone must implement the proper cyber security measures.
“Malicious cyber criminals are escalating their attacks on Australians. We need all Australians to be vigilant by taking simple cyber security steps including using strong passphrases, enabling two-factor authentication, updating software and devices and maintaining regular data backups, as well as being on guard against malicious emails and texts,” Hastie said.
Head of the Australian Cyber Security Centre, Abigail Bradshaw CSC stated, “I encourage every Australian to read our Annual Cyber Threat Report to understand these cyber threats, and learn how to protect yourselves, your families and your businesses online”. The Australian Cyber Security Centre urges all Australian organisations and individuals to report cybercrime and cyber incidents to ReportCyber. Every report of cybercrime will not only help those who have become a victim of a cyber incident, but it will allow the ACSC to gain greater insight into the cyber threat picture, and it will allow the ACSC to give the best advice to all Australians.
There are several steps your organisation can take to secure your operations and data, such as the following:
- Obtain an assessment and audit to determine the strengths and weaknesses of your organisation.
- Implement a Backup and Disaster Recovery plan. Even if your organisation has secure networks and systems, your organisation is one accidental click away from a disaster.
- Educate and train your staff about cyber security and how to identify potentially dangerous situations.
- Create and maintain proper security policies and strategies.
Another step you should take is partnering with a trusted IT provider. There is nothing wrong with asking for help, especially when the help you can receive can potentially save your organisation from a disastrous situation. Engage with experts in the industry and use their skills and knowledge to keep your data safe and your employees productive.
For more information on the latest cyber threat report and how you can protect your organisation, reach out to Sydney Technology Solutions today.