ACSC Threat Report 2017 - The findings
Yesterday the Australian Cyber Security Centre (ACSC) released its third annual threat report since its inception in 2014, bringing together their findings and identified key trends for 2016/17. Overall, it was reported that cybercrime is still an attractive and viable option for individuals and crime organisations; generating large profits with low risk of being identified and punished. The more success cybercriminals have in their endeavours, the more this encourages and fuels their activities making cybercrime more rife.
The major trends from throughout the year included; ransomware, credential-harvesting malware, social engineering and Business Email Compromise (BEC). But the ACSC also provided some interesting analysis breaking down the private and government sectors. Whilst 56% of the private sector’s self-reported incidents related to compromised systems, the government sector saw their largest number of incidents being attributed to spearphishing attacks. The ACSC also stated that they saw an 11% increase in non-traditional industry sectors being targeted, showing that cybercriminals had started to expand their vision beyond the usual industry targets. Although, financial and academic institutions are still at increased risk due to them housing large amounts of personal identifiable information and in the case of academic organisations, research that may be of value to others globally.
Ransomware
Ransomware seems to be one of those topics that won’t be going away for some time. It is often deployed through the favoured attack vector, email, as it is cheap and easy for cybercriminals to execute large untargeted phishing campaigns and reap huge financial rewards. In the ACSC’s report they stated that they had seen a rise in the pseudo-franchise model, ransomware-as-a-service (RaaS), allowing individuals with very little technical knowledge to launch effective campaigns through darknet markets at a small cost.
There was also a marked growth in the use of ransomware with advanced social engineering and the utilisation of Australian brands and government departments that would be well recognised by the Australian public. The most common variants of Ransomware reported for 2016/17 included; Cryptolocker, Torrentlocker and Cryptowall.
Credential-harvesting malware
During 2016/17 credential-harvesting malware also appeared to be an increased threat, particularly for the finance sector, where cybercriminals worked to obtain login details from targeted network’s systems. Additionally, the ACSC reported an increase in focus on Android smartphones, a trend that is likely to increase as individuals rely more heavily on their smartphones to store personal information, make financial payments and utilise cloud applications to access work related information on the go.
Social engineering and Business Email Compromise
Another trend that has been recognised in many previous threat reports too, is the increase in social engineering techniques being implemented. If executed well, individuals are able to bypass security protocols that may have previously been stopped by traditional technical means. Social engineering can range from broad phishing campaigns to refined, tailored communications aimed at one particular individual, even at times involving multiple mediums such as phone calls and social media interactions. It has become particularly ubiquitous with Business Email Compromise (BEC). The ACSC reported that in 2016/17 in Australia alone organisations suffered over $20 million worth of losses due to BEC, an increase of over 230% compared to the estimated $8.6 million in 2015/16.
In conclusion of the report, the ACSC advised that Australian organisations needed to take preventative action as an investment to reduce any potential long-term costs and risks. Cyber insurance has shown increased popularity in the past year but is still not a substitute for investing in appropriate security measures. Even if an incident were to be covered by cyber insurance, the payout may not be sufficient to cover stolen intellectual property, compromised personal identifiable information and potential brand damage.
To read the full report click here.
To find out how InfoTrust can help provide your organisation with a complete Holistic Cyber Security Framework click here.
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help