The Australian Signals Directorate (ASD), in conjunction with its Australian Cyber Security Centre (ACSC), has published the "ASD Cyber Threat Report 2022-2023", providing a comprehensive overview of the current cyber threat landscape in Australia.
The report highlights the increasing sophistication and frequency of cyber attacks targeting Australia with ASD responding to over 1,100 cybersecurity incidents in the past year alone.
Ransomware continues to be a significant threat, comprising more than 10% of these incidents, consistent with the previous financial year.
In a separate statistic, nearly 94,000 reports of cybercrime were filed via ReportCyber, averaging about one report every six minutes.
Head of ASD’s ACSC, Abi Bradshaw CSC, shares the release of our 2022-23 #ASDCyberThreatReport. By working together we can stay ahead of cyber threats & make Australia a harder target for malicious cyber actors. Download the report ???? https://t.co/11CRLzyuPf pic.twitter.com/uY8WllvwUW— Australian Cyber Security Centre (@CyberGovAU) November 15, 2023
Vulnerabilities in critical infrastructure
A significant focus of the report is the vulnerability of Australia's critical infrastructure to cyber threats.
In the 2022-23 year, the ASD responded to 143 cybersecurity incidents related to critical infrastructure, marking an increase from 95 incidents reported in the previous year.
The report notes that cybercriminals have continually evolved their tactics to maximise payments from their victims.
The interconnectedness of operational technology (OT) and corporate networks has created new opportunities for cyber attackers.
These vulnerabilities could allow malicious actors to access and move laterally within these systems, potentially leading to substantial disruptions.
❗ALERT UPDATE ❗ The ASD’s ACSC is aware that there is successful exploitation attempts against Australian organisations at this time.We strongly recommend that affected Australian organisations review the mitigations and apply where possible as a matter of high priority. https://t.co/M4AuBFQZ6w
— Australian Cyber Security Centre (@CyberGovAU) November 16, 2023
State sponsored actors
The report also delves into the global context of cyber threats, revealing that government and critical infrastructure networks worldwide are targets of state-sponsored cyber actors.
These activities are primarily geared towards espionage and foreign interference. Specifically, the report mentions the AUKUS partnership as a likely target for such state actors.
Deputy Prime Minister and Minister for Defence, Richard Marles, commented on the report, emphasising the persistent threat to Australia posed by state cyber capabilities.
He underlined the importance of ASD’s role in defending the nation's security and prosperity and highlighted the Australian government's investment in ASD’s cyber and intelligence capabilities under Project REDSPICE.
Another concerning trend highlighted in the report is the swift exploitation of critical vulnerabilities. Despite the availability of patching or mitigation advice, one in five critical vulnerabilities was exploited within 48 hours.
Recommendations
As Australia navigates this challenging cyber landscape, the ASD report serves as a critical resource for understanding and mitigating cyber threats. It underscores the need for constant vigilance and proactive cybersecurity measures to safeguard Australia's digital and physical infrastructure.
The report advises organisations to adopt best practice cybersecurity measures, such as following the ASD Essential Eight or equivalent frameworks.
It stresses the importance of understanding networks, conducting routine architecture and asset reviews, and examining the security capabilities of devices.
In the wake of these findings, Australian organisations are urged to bolster their cyber defenses and prepare for an increasingly complex and hostile cyber environment.