Thousands of significant cyber incidents hit Australian organisations

Australian business and government are a target for malicious cyber activity, with the nation’s 2016 threat report identifying more than 15,000 significant incidents.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

The Australian Cyber Security Centre’s (ACSC) 2016 threat report, the second produced by the centre since it was established, said it remained challenging to assess the full impact of cyber crime on Australia because it relied on voluntary self-reporting.

The government’s bill to amend the Privacy Act in order to mandate serious data breach notification is slated to be introduced and passed (it has bi-partisan support) by parliament in the near future, but for the time being, the ACSC said: “High levels of misreporting and under-reporting make it difficult to accurately assess the prevalence and impact of cyber crime.”

To assess the scale of the problem in the private sector, the ACSC has relied on data from callouts to CERT Australia, the national first responder to cyber incidents, which responded to 14,804 incidents from the private sector in the year to the end of June. Of those incidents, 418 involved systems of national interest and critical infrastructure. The energy, banking and finance, and communications sectors were targeted the most often.

Meanwhile, between January 2015 and June 2016, the Australian Signals Directorate was involved in 1,095 security responses to incidents on government systems, including a damaging penetration of the Bureau of Meteorology’s computer system by a foreign intelligence service in which data was stolen.

Despite the clear and present threat, the report said that to ensure corporations remained alert to the issue, the language surrounding computer security problems needed to be toned down and incidents should be referred to as “malicious cyber activity” launched by “cyber adversaries” rather than attacks by hackers, which tended to sensationalise the issue.

A cyber attack, meanwhile, was defined as “a deliberate act through cyber space to manipulate, disrupt, deny, degrade or destroy computers or networks or the information resident on them, with the effect of seriously compromising national security, stability or economic prosperity”.

This year’s ACSC report again confirms the extent of the problem and profiles a series of malicious incidents.

In one case, an adversary gained access to an unnamed government network using malicious Microsoft Office macros. And in the financial sector, a domain controller was compromised and had been communicating with malicious domains for at least a year before detection. Elsewhere, a critical infrastructure provider found a cyber adversary had used legitimate credentials belonging to a staff member and a contractor to effect a systems compromise.

Although in that last case the offshore suspect was identified and subsequently arrested, incidents point to the growing challenge of dealing with the “insider threat”, according to Keith Lowry, senior vice-president of Nuix, a global provider of security services, headquartered in Sydney.

A US government employee for 30 years, Lowry was involved in both the Edward Snowden and Bradley/Chelsea Manning investigations before joining the US Food and Drug Administration’s security team.