Release of 2017 ACSC Threat Report
As part of Stay Smart Online week, the Minister Assisting the Prime Minister for Cyber Security, Dan Tehan MP, today released the 2017 Australian Cyber Security Centre (ACSC) Threat Report.
The 2017 ACSC Threat Report provides an overview of the cyber threat landscape in Australia and the types of threats, targets, new trends and emerging threats.
Speaking at the National Press Club in Canberra, Mr Tehan said, “I would like to highlight how cyber security is not just the business of national security, but something that must become second nature to all Australians. Cyber security is not just the domain of our intelligence agencies or our defence forces, to protect against silent secrets and cyber attacks.
“Cyber security is as relevant for mums and dads, small business owners and local communities, to keep their data, their money and their identities secure.”
Mr Tehan described the pervasive nature of cybercrime with criminal expertise improving, and tradecraft being adapted to target specific businesses.
“Over the past year, we have seen increased targeting of trusted third parties, particularly service providers. These companies are highly attractive targets as they can provide access into a range of primary targets.”
The report also found that cybercrime continues to be an attractive option for criminals due to its ability to generate large profits with low risk—with ransomware, in particular, continuing to be a popular method for extorting funds from a wide range of victims.
Mr Tehan said that ransomware variants are deliberately crafted to exploit known vulnerabilities and take advantage of gaps in our cyber defences. He stressed the need for cyber security to be front of mind, not just an afterthought.
“Backing up data and proven data restoration processes are vital to mitigate data being encrypted, corrupted or deleted by ransomware,” he said.
Credential-harvesting malware (especially targeted at Android devices) and social engineering are both listed as increasing threats, with the lack of security for Internet of Things devices reported as an emerging risk.
Read more about Stay Smart Online Week.