National Cyber Security Coordinator

Thanks to Hall & Wilcox and Business Sydney for having me speak to business leaders about the importance of cyber preparedness and response. During the panel session, we workshopped a hypothetical cyber incident and came to a key takeaway: the very worst time to be testing your risk plan is in the middle of a serious cyber incident. Today’s threat landscape means that it’s not a matter of if, but when, you’ll be a target of a cyber attack. A strong cyber security culture can set the scene for a more resilient organisation that can quickly bounce back from a cyber security incident. Ask yourself this question: do you know your role in a cyber incident?

The Australian Signals Directorate and United States-based partners have updated their advisory on the BianLian ransomware group.   ASD and its partners are aware of multiple ransomware groups, like BianLian, that seek to misattribute location and nationality by choosing foreign-language names, almost certainly to complicate attribution efforts. BianLian is a ransomware developer, deployer, and data extortion cybercriminal group, likely based in Russia, with multiple Russia-based affiliates.   As outlined in the 2023-2030 Australian Cyber Security Strategy, the Australian Government will continue to deter and respond to malicious actors threatening our national interests, including attributing malicious cyber activity when it is in our national interests to do so.   For more information on how people and businesses can protect themselves from cyber threats, or to report a cybercrime, Australians are encouraged to visit cyber.gov.au.

The Australian Signals Directorate has released the 2023-24 #AnnualCyberThreatReport. The report highlights the rapidly evolving cyber threat landscape and reinforces the need to prioritise improved cyber defences. As adversaries continue to evolve, our cyber security must evolve too - it's not a 'set and forget' solution. Public-private partnerships are especially crucial for protecting Australia's critical infrastructure from these growing cyber threats. I encourage all Australians to read the report and follow its advice to strengthen our collective cyber security. Read the full report 👉 https://lnkd.in/gXUaip6X

Last week, I had the pleasure of touring NAB’s Fusion Centre to wrap up Cyber Security Awareness Month and discuss some important insights about our nation's cyber security posture. Australia is an attractive target for cyber criminals, and we’re facing a "new level of normal" for these threats. During my visit, we discussed how supply chain risks are now a critical concern globally and how inconsistent international security standards can create vulnerabilities. Unlike our established safety cultures where we lock up our homes and stay safe on the road, it concerns me that Australia hasn't yet transitioned into a robust cyber security culture. The goal is clear—we must make Australia a harder target—and this requires every Australian to step up our cyber security measures. I'm enlisting everyone to make this a priority conversation and action, in your homes, your workplaces and your communities.

Cyber Security Awareness Month may have wrapped up, but staying secure online is a year-round mission. With cybercrime reports increasing and malicious cyber activity posing a risk to every Australian – cyber security is everyone’s business. Throughout October we focussed on simple steps that you can do to improve your cyber security. So keep up the momentum: enable multi-factor authentication, install software updates, set strong passphrases, and stay alert to phishing attempts. Protect yourself and those around you—every action counts.

Spot a phishing scam? Don’t take the bait! Look for warning signs like suspicious links, urgency, or unknown senders. If in doubt, report it to ReportCyber at cyber.gov.au #CyberSecurityAwarenessMonth

Recognise and report phishing 🚫 🎣 Phishing is a way scammers trick you into giving them personal information. Think before you open any links or attachments in an SMS, email or on social media. If in doubt, report it to ReportCyber at cyber.gov.au #CyberSecurityAwarenessMonth

Last week I had the pleasure of attending the 2024 Quad Cyber Challenge at Government House, hosted by the Governor-General, Her Excellency Sam Mostyn AC, alongside our Quad partners from India, Japan and the United States. We were joined by a fantastic group of enthusiastic female students from local ACT schools, and I enjoyed the opportunity to work with them on a mock major cyber security incident. Similar to the exercises we run in the National Office of Cyber Security with major critical infrastructure providers, the students worked as a team to identify the challenges of the scenario, strategise solutions and bust misconceptions. Listening to their insightful questions and ideas reinforced the importance of having diverse voices working in roles across our cyber industry. An initiative of the Quad countries, the Quad Cyber Challenge offers students an opportunity to learn about what it takes to join the frontline of Australia’s cyber defences. And as we face rapidly evolving digital challenges, it's partnerships like these—and the curious minds of our next generation—that will help secure our shared future.

Use strong and unique passphrases 🔑 Your passphrase is your first line of defence – make it strong! Use unique passphrases that combine random words to keep your accounts safe. Avoid common passwords and don’t reuse your passphrase across different accounts. Visit our website for more tips on your cyber security https://lnkd.in/griwy6Y6 #CyberSecurityAwarenessMonth

❗ ALERT ❗ ASD’s ACSC is aware of a vulnerability affecting all versions of Fortinet’s FortiManager device. The vulnerability enables an unauthorised actor to gain access to the FortiManager console (CVE-2024-47575). All Australian organisations using FortiManager devices should review their networks for uses of vulnerable instances and implement the mitigations advice as a matter of high priority. For more information 👉 https://lnkd.in/g2FNFwgP