Increased vigilance and a commitment to prevention will be key factors in stopping or reducing cyber attacks.
That’s the message from the 2016 Threat Report released by the Australian Cyber Security Centre (ACSC).
The report details a range of activities targeting government assets, from a high-profile attack on the Bureau of Meteorology network in 2015 to ongoing low-sophistication work by ‘hacktivists’ to deface government websites or social media accounts.
In the 18 months to June 2016 the Australian Signals Directorate responded to more than 1000 cyber security incidents on government systems which were considered serious enough to warrant operational response.
Popular methods of targeting systems include spear phishing, where an email is sent with a malicious link or file attachment, and ransomware, which encrypts a user’s own data and then directs victims to a site where they must pay a ransom to unlock the files.
The report also highlights the risk of secondary targeting, where organisations with a seemingly limited value are targeted in a bid to gain access through a relationship of trust with a higher-value target organisation.
What can be done to prevent incidents from occurring or reducing their impact?
The ACSC recommends organisations should implement monitoring to assess environments for threats, establish processes to detect when incidents occur, and having an up-to-date and regularly tested incident response plan and business continuity plan.