Defence Minister reveals a “heightened level of malicious cyber activity” that is impacting too many Australians
The Australian Signals Directorate’s Australian Cyber Security Centre has released its latest Annual Cyber Threat report, covering July 2021 to June 2022, featuring a swathe of metrics and data points about the current cyber threat landscape in Australia and how the centre is responding.
Defence Minister Richard Marles opened the report with a foreword highlighting a “heightened level of malicious cyber activity” that was regrettably impacting too many Australians.
“We are currently witnessing deteriorating strategic circumstances in our region and globally, including a military build-up unseen since World War II, and expanding cyber and grey zone capabilities are of particular concern. In this environment, the work performed by ASD and its ACSC is more important than ever,” he wrote
“…The government considers cyber security and reinforcing our online resilience to be a national priority. Increased investment in ASD’s cyber and intelligence capabilities under project REDSPICE (Resilience, Effects, Defence, SPace, Intelligence, Cyber, Enablers) positions Australia to lift our defences and recognises the critical role ASD plays in our national security.
“…Reporting cybercrime is vital for us to build a threat picture that can prevent others from falling victim to the ransomware syndicates and cybercriminals. The best cyber defence is informed by the best intelligence.”
Some headline data points from the report, which can be downloaded here, include that there were more than 76,000 cybercrime reports, with the ACSC seeing an increase in financial losses due to business email compromise surpassing $98 million.
The top reported cybercrime types, accounting for 54% of all reports, were related to fraud (27%), online shopping (14%) and online banking (13%).
The cost of cybercrime is going up, with the ACSC reporting a rise in the average cost per cybercrime report to more than $39,000 for small businesses, $88,000 for medium-sized businesses and more than $62,000 for large businesses. This represents an average increase of 14% year on year, according to the report.
A cybercrime report occurs every seven minutes in Australia, compared to every eight minutes last financial year, the ACSC reports. The centre also notes that between 150,000 and 200,000 routers in homes and small businesses are vulnerable to compromise.
An additional insight that stood out in the ACSC’s Report’s Summary Section included a breakdown of which states had reported the most cybercrime.
The report notes that while Australia’s most populated states reported more cybercrime, “Queensland and Victoria report disproportionately higher rates of cybercrime relative to their populations”.
The highest reported average losses however, were reported by victims in the Northern Territory (over $40,000 in instances where financial loss occurred) and Western Australia (more than $29,000).
Responding to Threats
The ACSC’s report also highlighted how the Centre has been responding to cyber threats occurring over the past year.
Some figures include that the ACSC responded to more than 1100 cyber security incidents, that it blocked more than 24 million malicious domain requests, took down 29,000 brute force attacks against Australian servers, dismantled more than 15,000 domains hosting malicious software, and shared more than 28,000 indicators of compromise with ACSC partners through its Cyber Threat Intelligence Sharing platfrom.
The ACSC reported that it responded to 135 ransomware incidents in the 2022 financial year, an increase of more than 75% compared to the 2020 financial year.
It also notified 148 entities of ransomware activity occurring on their networks and informed 5 critical infrastructure entities of malicious cyber activity and vulnerabilities.
The Centre reported that it has briefed more than 200 government, business and critical infrastructure organisations on the threat posed to Australian networks following the Russian invasion of Ukraine, published 13 new step-by-step guides for simple cyber security practices, and expanded its Partnership Program, which now has more than 2300 network partners, 3400 business partners and 82,000 home partners.
Rounding out the summary section of its report, the ACSC provided two short, high-level lists of recommendations for both individuals and businesses on some simple steps for security.
The Centre’s simple steps for individuals include:
- Update your devices and replace old devices that do not receive updates
- Activate multi-factor authentication
- Regularly backup your devices
- Set secure passphrases
- Watch out for scams
- Sign-up to the ACSC’s free Alert Service
- Report cybercrime to the ACSC at cyber.gov.au
Recommendations for organisations include:
- Review the cyber security posture of remote workers and their use of communication, collaboration and business productivity software
- Patch vulnerabilities within 48 hours. If you cannot achieve this, consider using a cloud service provider or managed service provider (MSP) that can
- Only use reputable cloud service providers and managed service providers that implement appropriate cyber security measures
- Sign-up to become an ACSC partner to receive insights, advisories and advice
- Test your cyber security detection, incident response, business continuity and disaster recovery plans
- Report all cybercrime and cyber security incidents to the ACSC via ReportCyber