The Australian Cyber Security Centre (ACSC) this week released its first ever unclassified cyber security threat report.
Clive Lines, ACSC coordinator, said that the 2015 report clearly demonstrates that the cyber threat to Australian organisations is “undeniable, unrelenting and continues to grow”.
According to the report, the incidence of cybercrime attacks has increased 20 per cent in the last year, to 1131 attacks. This is up from 313 attacks per year in 2011.
The primary targets of these attacks are banking systems, energy providers and the communications sector, and the estimated cost to business is $1 billion a year.
But cyber security expert Associate Professor Mihai Lazarescu from Curtin University believes this cost may be vastly underestimated.
“Most organisations do not know that they have been attacked because the malicious parties are good enough to hide their activity. The reality in Australia is that even in the case of major players that actually do spend some money on cyber security, there are severe gaps in their set-up,” Lazarescu said.
“Many organisations are either not aware of what incident handling is, or they cannot find the resources (a great majority in terms of trained staff or money) to do so.”
The ACSC report provides an overview of cyber “adversaries”, what they want, and how they go about getting it, and Lines believes it will be a useful resource for organisations seeking to protect their information. The report also contains mitigation and remediation information to assist organisations prevent and respond to the threat.
“If every Australian organisation read this report and acted to improve their security posture, we would see a far more informed and secure Australian internet presence,” Lines said.
The report is available from the ACSC website.
