Australia has had a cybercrime report every 7 minutes for the past year, with ransomware proving to be the “most destructive” threat. State actors also remain a persistent threat to agencies such as the Australian Bureau of Statistics, where personal information about locals makes it an attractive target.
The country saw a nearly 13% increase in the number of reported cybercrime cases to more than 76,000 last year, according to Annual Cyber Threat Report 2021-2022 released by the Australian Cyber Security Center (ACSC). This means one case is reported every seven minutes, up from every eight minutes in the last financial year, the government agency said.
Its annual report includes details from the Australian Federal Police, the Australian Criminal Intelligence Commission, the Australian Security Intelligence Organization, the Defense Intelligence Organization and the Department of Home Affairs.
The ACSC singled out ransomware, in particular, as causing the most damage, with all local economic sectors directly affected by such attacks last year, where 447 ransomware cases were reported. fox. This is down 10% year-over-year, but the report surmises that ransomware is still significantly under-reported, especially among victims who choose to pay the ransom.
The education and training sector recorded the most ransomware incidents, up from fourth place the previous year and, along with four other sectors in the top five, accounted for 47% of all reported ransomware attacks. .
The ACSC said: “Top ransomware groups are continuing to target Australia’s ‘big game’ entities – organizations that are high profile, high value, or provide critical services. “While the global trend shows a decline in ‘big game’ targeting and a shift towards targeting small and medium-sized businesses (SMBs), that shift has yet to be seen. found in Australia.”
State actors are a persistent threat amid geopolitical tensions
What it has witnessed over the past year, however, are persistent efforts from state organizations to access sensitive data, including personally identifiable information, to support claims. government intelligence.
Deputy Prime Minister and Secretary of Defense Richard Marles said: “We are now seeing the strategic situation deteriorate in our region and globally, including unprecedented military build-up. seen since World War II, and the expansion of cyber and gray zone capabilities is of particular concern.”
The Australian Bureau of Statistics, for example, is an attractive target because it holds personal information about locals, according to the report.
Before the national census to be conducted in August 2021, the ACSC said it held threat intelligence briefings with the agency and assessed cyber operations against the agency. . It also conducts a review of the office’s systems, including source code review, penetration testing to identify vulnerabilities, and analysis to detect malicious activities that may already be present in the system.
The ACSC said it did not find any indications of malicious activity and that important cybersecurity recommendations were addressed by the office before the investigation was conducted.
While this took place without cybersecurity incidents or service disruptions, the cybersecurity agency noted that cyberspace is increasingly becoming a field of war. It just comes Russia uses malware to delete data and turn off the computer in Ukraine.
It also highlights an incident in July 2021 in which Australia attributed the exploitation of the Microsoft Exchange vulnerability to the Chinese Ministry of State Security. Five Eyes advice in November 2021 also confirms a Iranian state actors exploited same holes.
The ACSC warns that dynamics in the Indo-Pacific are driving the risk of a crisis and that cyber activities can be used by states to challenge the sovereignty of other states.
“These actors not only want classified information. They also want to understand who we are, how we are connected, and what values we hold,” the Australian agency said. “In some cases, they may seek to pre-position themselves in strategic networks to prepare for coercive or disruptive activity against us.”
The report also highlights Australia’s critical infrastructure, which continues to face potential threats from state organizations as well as cybercriminals seeking to cause disruption.
“Critical infrastructure includes facilities, communication networks, information technology and operations that provide essential services,” the ACSC said. “Continued disruption in part of the critical infrastructure ecosystem will have severe effects elsewhere in the economy, and could ultimately lead to harm or loss of life, internationally considered as a result of ransomware attacks on health services.”
It noted that CS Energy’s corporate network last November was targeted by the Russia-linked Conti ransomware group. Queensland Generator, which produces 10% of the electricity for the national electricity market, has cut off external online connections to its network after detecting the ransomware attack and initiate business continuity procedures.
The ACSC said 95 network incidents, or about 8% of the total number of network incidents it responded to last year, were related to critical infrastructure.
Among other key findings in this year’s report, the security agency estimated that A$98 million ($62.74 million) was lost due to business email intrusion incidents, with the an average of AU$64,000 lost per report.
The average cost per cybercrime report for small businesses also increased to over AU$39,000, while it reached AU$88,000 for medium businesses and over AU$62,000 for Large businesses.
More than 25,000 calls to the country’s cybersecurity hotline, or 69 calls per day, are up 15% year-over-year.
Fraud, online shopping and online banking are the top types of cybercrime, accounting for 54% of all reported cases.
Marles notes: “This [ACSC] the report maps how threat actors worldwide have continued to find innovative ways to deploy attacks online, with supply chains used to penetrate networks by governments and organizations in many countries, including Australia.
“Cybercrime reporting is crucial for us to build a picture of the threat that can prevent others from falling victim to ransomware and cybercriminal organizations. Best cybersecurity on offer. by the best intelligence,” added the minister.
The government is looking for stiffer financial penalties for serious or repeated data privacy breaches, the maximum fine is up to AU$50 million (US$31.57 million). The move comes amid a series of cybersecurity incidents that have compromised customer data, including Optus and Medibank.
RELATED INSURANCE
