The Australian Cyber Security Centre (ACSC) has released its “first unclassified” Threat Report, an expansive paper that documents the growing menace of cybercrime in the country.
It also offers organisations advice on how best to deal with this threat, so that they can both prevent and respond to it in the most effective way possible (and therefore limiting the severity of damage).
The authors of the report note that everyone is at risk of cybercrime and are keen to draw attention to two popular misconceptions that many enterprises have - that information on their network is invaluable and of no interest to cybercriminals.
This is indicative of the fact that data is more than just a repository of information. It is a powerful asset for all stakeholders, as noted by the World Economic Forum in 2011:
“Firms collect and use this data to support individualised service-delivery business models that can be monetized. Governments employ personal data to provide critical public services more efficiently and effectively. Researchers accelerate the development of new drugs and treatment protocols.”
Ensuring that this information is kept safe and secure is of paramount importance to all, and while the ACSC acknowledges that “robust” cyber defenses provide people with confidence that security is being upheld, it is no easy task.
In its paper, it explains that highly technical and knowledgeable cybercriminals are adept at creating, identifying and exploiting vulnerabilities, allowing them to breach even the most guarded of networks.
The paper documents some of the global trends that the ACSC has identified, which threaten both Australian organisations and their respective counterparts across the globe. These include:
- The increase of cybercrime-as-a-service
- The growing popularity of spear phishing with cybercriminals
- The rise in the number of cybercriminals with “destructive capabilities”
- The surge in incidents of “electronic graffiti”
However, the ACSC is confident that so long as everyone does their part to be more vigilant, proactive and security-aware, the threats posed by cybercriminals will be greatly diminished.
“Cybersecurity efforts should aim to make Australia a harder target and thereby increase the trust and confidence of all Australians to engage in the benefits the internet brings,” it explains.
“Effective cyber security requires a partnership between government and the private sector, with organisations and their users taking greater responsibility for the security of their networks and information.”