Australian Signals Directorate

The threat of state-sponsored cyber operations is persistent and likely to increase as geostrategic competition grows. The 2023-24 #ASDCyberThreatReport looks at how state-sponsored cyber actors continue to target Australian critical infrastructure (CI), governments, and businesses. Globally, state-sponsored cyber actors use a range of techniques to avoid detection and achieve their objectives. This includes supply chain compromises, living off the land techniques and exploitation of cloud environments. State-sponsored cyber actors may target networks around the globe, particularly those connected to CI systems, in order to: - gather intelligence or intellectual property - exert influence or interference - preposition for future disruptive activity during crises or conflicts. Learn more about state-sponsored cyber operations in our report 👉 https://lnkd.in/gv7H64pS

Cybercrime continues to be a threat to Australians, with a cybercrime reported every 6 minutes. Our 2023-24 #ASDCyberThreatReport identifies what organisations need to know: - Business email compromise (BEC) remains lucrative business for cybercriminals at significant cost to Australian organisations. Law enforcement received over 1,400 reports where BEC led to a financial loss, with an average loss of over $55,000 per incident. - Credential stuffing is emerging as another common threat. This involves the use of stolen usernames and passwords to access other services. Passwords used across multiple accounts are particularly vulnerable. Cybercriminals are using stolen or breached login credentials to compromise accounts and then move through corporate networks. Because the login credentials are legitimate, traditional security measures often fail to detect the activity. - Cybercriminals will continue to capitalise on advancing technologies to improve their operations. For example, leveraging Artificial Intelligence (AI) tools to conduct increasingly targeted attacks, like social engineering. Using AI, cybercriminals can maximise their success with little additional effort, increasing the potential for network compromise and the overall threat posed by social engineering. Learn more about cybercrime and the latest #CyberSecurity threats in our report 👉 https://lnkd.in/ghKXgb_4

Malicious cyber actors are targeting critical infrastructure (CI) globally. Our #ASDCyberThreatReport warns that targeting of CI is likely to increase as networks grow in size and complexity, broadening the attack surface. Australian CI such as power grids, transport networks and health services are an attractive target because they provide essential services to the nation. Many different malicious cyber actors, including state-sponsored cyber actors, target critical infrastructure to fulfil their objectives. These include financial gain, espionage and pre-positioning for disruptive or destructive attacks. The top cyber security incident types affecting Australian CI in FY2023-24 were: • compromised account or credentials (32%) • malware infection (other than ransomware) (17%) • compromised asset, network or infrastructure (12%). Find out more about threats to Australian CI and read the full report 👉 https://lnkd.in/gm_nctgs

Together with our partners Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency, we have updated our advisory on the BianLian ransomware group. Since our initial release, we’ve added our assessment about the group’s location, including a trend of Ransomware groups deliberately choosing ‘foreign’ names to confuse attribution efforts. For updated information on the tools, tactics and procedures used by the BianLian group read the full advisory 👉 https://lnkd.in/gekgwY_f

Now more than ever, it’s crucial to teach children of all ages the importance of having good cyber security habits. We have free, downloadable guides for kids, high school students, parents and carers to learn about cyber security. These cover topics such as how to: - secure accounts and devices - avoid cyber threats when using social media or online gaming - recognise scams - talk about and report a cybercrime Learn more about protecting your family on our website 👉 https://lnkd.in/gCzcmWyP

We’ve released our 2023-24 #AnnualCyberThreatReport. The report highlights the rapidly evolving cyber threat landscape and reinforces the need to prioritise improved cyber defences to protect our nation’s #CyberSecurity. As data continues to be produced and stored in greater volumes, the attack surface has become more exploitable, and both criminal and state-sponsored cyber actors are taking advantage of vulnerabilities and gaps. This, coupled with geopolitical uncertainty, underscores the need for strengthened cyber security. 👉 State-sponsored cyber actors are persistently targeting Australian governments and critical infrastructure. These cyber operations are evolving globally, with the capability to gather intelligence, exert malign influence and pre-position on networks for disruptive effects. This threat is likely to increase as geostrategic competition grows, requiring greater partnership between government and industry to deter this activity. 👉 Critical infrastructure services are an attractive target to malicious cyber actors. This includes essential services such as power grids, water delivery systems, transport networks and health services. Of particular concern are operational technology systems. These are often not secure by design and many traditional security controls cannot be applied, making it likely that malicious cyber targeting of these systems will rise. 👉 Cybercrime is an evolving and persistent threat. Cybercriminals are evolving their tactics and capitalising on new opportunities, like artificial intelligence, to exploit victims. 👉 Collaboration across public and private sectors is key to effective cyber resilience. This report is only possible because Australians reported cybercrime, incidents and vulnerabilities to us. All Australians should report incidents to make us collectively stronger and put cyber threats on everyone’s radar. Learn more about the evolving cyber threat landscape in our report 👉 https://lnkd.in/gXUaip6X ASD thanks all of the organisations that contributed to this report, including: ACCC, Australian Department of Foreign Affairs and Trade, Australian Federal Police, Australian Institute of Criminology, Australian Security Intelligence Organisation, Defence Intelligence Organisation, Australian Department of Home Affairs, National Cyber Security Coordinator, Office of the Australian Information Commissioner & Reserve Bank of Australia

A career at ASD is unlike anywhere else. Our work is unique, challenging and rewarding – and it requires a diverse range of technical & non-technical people to achieve our mission. Since our earliest days, we have taken on complex challenges to keep Australians secure. Today, we keep rising to meet the challenges before us and find solutions to Australia’s complex problems. At ASD, you’ll have many career paths open to you. We have a focus on training and development including expert mentors and technically skilled teams to help guide you and bring out your best. What paths could you take at ASD? Take our career quiz and find out 👉 https://lnkd.in/gQ6k9hRZ

Recycling is great for the environment, but NEVER recycle passwords! Reusing passwords across different accounts is risky. If someone hacks your password, all your accounts could be at risk. This could impact your organisation if you use the same passwords at work. Here’s how to protect your accounts: • Set a strong and unique password, such as a passphrase, for each account. • Use a password manager to help remember all your passwords. • Turn on multi-factor authentication where you can for the best protection. Learn more about account security 👉 https://lnkd.in/gYuw_2bp

Microsoft has released its November security updates. This update included: •      89 vulnerabilities patched. •      2 vulnerabilities with evidence of exploitation. •      4 'Critical' rated. We encourage all users to apply the available patch updates ASAP. For more details, visit the Microsoft Security Response Centre website 👉 https://lnkd.in/eVf3_q3F

Today with our international partners, we’ve published a joint advisory on the top routinely exploited vulnerabilities. This covers common vulnerabilities and exposures (CVEs) as well as recommended actions to mitigate risk for vendors, developers and end-user organisations. End-user organisations are encouraged to implement the recommended mitigations in this advisory, including applying timely patches to systems. Find out what the common vulnerabilities are and what your organisation can do to protect networks and systems 👉 https://lnkd.in/gnbpd39S