The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow. If an organisation is connected to the internet, it is vulnerable. The incidents in the public eye are just the tip of the iceberg.

Australia must be vigilant and proactive in its approach to cyber security, investing resources to meet the challenges of a complex cyber environment.

Compromise is expensive. It can include financial losses, damage to reputation, loss of intellectual property and disruption to business. Australia cannot afford this.

This is the first unclassified Australian Cyber Security Centre (ACSC) Threat Report. All ACSC partner agencies have contributed to provide information tailored for Australian organisations about the threats their networks face from cyber espionage, cyber attacks and cybercrime. It also contains mitigation and remediation information to assist organisations to prevent, and respond to, the threat.

To combat the threats detailed in this report and reduce the risk of compromise, organisations must move now to implement cyber security measures to make Australia a harder target, increase the confidence of Australians when they are online, and maximise the benefits of the internet for Australian organisations.

Ultimately, this will see organisations and their users taking greater responsibility for the security of their networks and information. The ACSC has been established to help in this process.

The information in this report is designed to assist the achievement of a more cyber secure Australia. Your feedback is welcome.

…

Trends for 2015 and beyond

While the ACSC is still developing a detailed understanding of the full spectrum of threats to Australian
networks, we predict the following trends to manifest globally in the near future:

• The number of state and cyber criminals with capability will increase.
• Due to the limited number of quality software developers, cybercrime-as-a-service is likely to increase, reducing the barriers for entry for cybercriminals.
• The sophistication of the current cyber adversaries will increase, making detection and response more difficult.
• Spear phishing will continue to be popular with adversaries, and the use of watering-hole techniques will increase.
• Ransomware will continue to be prominent.
• There will be an increase in the number of cyber adversaries with a destructive capability and, possibly, the number of incidents with a destructive element.
• There will be an increase in electronic graffiti, such as web defacements and social media hijacking, which is designed to grab a headline.

Ensuring a resilient, cyber secure Australia requires the expertise and collective capabilities of the ACSC, government and industry network owners, operators and users, academia and our international partners.

In our approach to cyber security, Australia must remain vigilant, proactive and resourced to meet the challenges of a complex cyber environment.

Cyber security efforts should aim to make Australia a harder target and thereby increase the trust and confidence of all Australians to engage in the benefits the internet brings. Effective cyber security requires a partnership between government and the private sector, with organisations and their users taking greater responsibility for the security of their networks and information.

Share this: