Australia Cyber Security Centre Report 2014
Australia’s top spy agencies have warned that the number of cyber security threats in Australia is increasing by the day.Cyber attacks reported by Australian governments and business have tripled in the last 36 months and could cost more than $1 billion in damage in the future according to Australian Cyber Security Centre(ACSC) report. Australian Cyber Security Centre based in Canberra works with Aussie covert agency Australian Security Intelligence Organization (ASIO) and the Federal Police.Overall, the centre houses cyber specialists from the AFP, ASIO, Defense, Crime Commission, ASD and CERT Australia.ACSC was born under the former Premier Julia Gillard government and entered full operation at the start of 2014. Malware and ransomware remain the predominant cybercrime threat in Australia,notes the report. It specifically mention use of GameOver Zeus, ZeroAccess, the Conficker worm, TorrentLocker and CyptoWall 2.0 as prevalent methods of attack. Distributed Denial of Services (DDoS) attacks remained steady in 2014,says ACSC.However, there is no major attack reported so far according to the the centre’s report that noted Australia has not yet been subjected to any activities that could be considered a cyber attack.
A cyber attack which it classified as a deliberate act to manipulate, destruct, deny, degrade or destroy computers or networks or their information,was unlikely during peace time, the ACSC said.It said while the threat of a more diverse set of cyber attacks in the future would rise as the barriers to enact a cyber attack diminished, adversaries were more likely to continue using disruption and vandalism to gain publicity.The report revealed in its first unclassified report that more than 11,000 cyber security incidents affected Australian businesses last year.More than 150 of the incidents involved critical infrastructure and others connected with national security, the agency said in a report issued yesterday.The ACSC said it saw daily cyber espionage activity targeting Australian government networks.It reported: “Destructive cyber attacks could be considered equivalent to an armed attack, and therefore, an act of war.””To combat the threats detailed in this report and reduce the risk of compromise, organizations must move now to implement cyber security measures to make Australia a harder target, increase the confidence of Australians when they are online, and maximize the benefits of the Internet for Australian organizations,” the center said.The centre has urged Australian business and government to do more to defend against cyber espionage, attack and crime.
Cyber incidents are growing in both number and “destructive capability”, the centre said, which meant detecting and responding to the threat was becoming more difficult.The report singled out energy providers, banking and finance, defense, transport and communications companies as the biggest private sector targets for malicious actors. ACSC report also warned of increasing daily activity by “foreign state adversaries” but stopped short of naming any culprits.The centre reported spear phishing, remote access tools and watering hole attacks as growing techniques used by malicious actors.Australian Cyber Security Centre urged businesses to act on more recent and encouraged organizations to report cyber security incidents to the centre in order to help it advise on how best to respond to and remediate such threats.It noted that Australian government agencies that had implemented strategies to mitigate targeted cyber intrusions had improved their protection against such threats.The centre said while more cyber incidents were reported last year, the number of confirmed significant compromises of Australian government networks had fallen since 2012.”Improving network security forces cyber adversaries to either develop their capability or find alternative targets,” it noted.