The Australian Cyber Security Centre (ACSE) has warned of increased cyber attacks at “phenomenal rates” at critical infrastructure networks, which could potentially put access to essential services at risk.
In its annual cyber threat report, the centre voiced its concerns over the ‘knock-on effects’ that a sustained disruption of critical infrastructure might have on the economy and welfare of the people.
Critical infrastructure encompasses the physical facilities, communication networks and information and operational technologies that provide essential services.
In FY22 alone, 95 incidents were reported, which is 8% of all cyber incidents the ACSC has responded to that have affected critical infrastructure.
The ACSC urges organisations to report all cyber security incidents, regardless of whether or not their organisation is subject to mandatory reporting under the SoCI Act.
Reporting increases the visibility of threats, enables the identification of trends, and supports the prevention and mitigation of future incidents.
Our #CyberThreatReport, suggest cyber attacks targeted at critical infrastructure networks are increasing at phenomenal rates. Australian critical infrastructure entities should boost their cyber defences to increase their resilience. Visit https://t.co/8qDKw3pKET pic.twitter.com/WJZbccTeRc— Australian Cyber Security Centre (@CyberGovAU) November 5, 2022
Concern for health and social assistance sectors
During FY22, the ACSC responded to more than 1,100 cybersecurity incidents, an average of 21 cybersecurity incidents per week.
Excluding government sectors, which have some additional reporting obligations, the health care and social assistance sectors reported the highest number of cyber security incidents during the 2021-22 financial year.
Compared to the 2020-21 financial year, the retail sector dropped out of the top 10, replaced by the electricity, gas, water and waste service sectors, which are all critical infrastructures.
Cyber security incidents FY22.