While the total number of reported incidents is declining, the impact of business email compromises is moving in the other direction.
It’s not often in the cybersecurity realm that an indicator moves in a happy direction, but that’s what the overall number of incidents in the ACSC’s annual cyber threat report is doing.
For fiscal year 2020-21, the Australian Cyber Security Centre (ACSC) responded to 1,630 incidents, or approximately 31 per week. Compared to the previous financial year, the total number of cybersecurity incidents in 2020-21 decreased by 28%.
Other good news includes the ACSC not having to respond to any incidents in the top third of its six incident classification categories. In the previous year, it reported a single Category 1 incident and four Category 2 incidents.
Now for the bad news that typically makes up these reports.
Overall, a more severe category became the most commonly reported one, with Category 4 replacing Category 5 as the most frequent. Category 4 incidents accounted for 49% of all incidents, up from 35% last year.
“The highest percentage of incidents that the ACSC responded to involved low-level malicious activities such as targeted reconnaissance, phishing, or loss of non-sensitive data, which account for more than half of cybersecurity incidents,” the report said.
The report highlighted the growing financial losses from business email compromise (BEC), despite the number of BEC incidents falling. Total losses reached AU$81.5 million, an increase of 15%, and the average loss for each successful BEC transaction jumped 54% to AU$50,600.
The ACSC highlighted the bankruptcy of hedge fund Levitas after bogus invoices saw it transfer AU$8.7 million to malicious actors.
“While the company recovered most of its funds, it suffered significant damage to its reputation and its main client left,” the report said.
“This forced the hedge fund to put in place a trustee and led to its bankruptcy. This was probably the first Australian bankruptcy as a direct result of a cybercrime incident.”
The establishment of an inter-agency BEC task force, Operation Dolos, under the Australian Federal Police prevented AU$8.5 million from being lost to business email compromise.
“Despite the headlines, many of the compromises faced by Australians will continue to be fueled by a lack of proper cyber hygiene. This offers a significant advantage to adversaries and lowers the technical barrier to targeting victims in Australia, underscoring the need to improve cybersecurity maturity across the Australian economy,” the ACSC said.
“Given the prevalence of malicious cyber actors targeting Australian networks – which are often underreported to the ACSC – there is an urgent need for greater resilience, and for Australian organisations and individuals to prepare to respond to, and recover from, any cyber attack on their networks.”
In an area that the Australian Labor Party likes to whack about – ransomware – the report found a 15% increase to nearly 500 reports of ransomware in a year.
Shadow Deputy Minister for Cyber Security Tim Watts took the opportunity to give the government another blow.
“The Morrison-Joyce government has completely failed to take significant action to prevent ransomware attacks on Australian organisations despite twelve months of warnings,” he said.
“But while the Morrison-Joyce government never misses an opportunity for a dramatic cybersecurity press conference, it has missed every opportunity to take the basic actions needed to combat the urgent threat of ransomware despite mounting warnings.
“Instead, the victims are simply blamed, telling companies that it is up to them to protect themselves from increasingly sophisticated and well-resourced cyber criminals.”
Overall, the ACSC said the number of cybercrime reports increased by 13% to 67,500 over the 2020-21 period, with the interval between reports shrinking from one report every 10 minutes to one every 8 minutes.
“A higher proportion of cybersecurity incidents during the fiscal year were rated by the ACSC as having a ‘substantial’ impact, including several cases of data theft and/or services rendered offline,” the report said.
“The increasing frequency of cybercrime activities is compounded by the increased complexity and sophistication of their operations. The accessibility of cybercrime services – such as ransomware-as-a-service – via the dark web is increasingly opening up the market to a growing number of malicious actors without significant technical expertise and without significant financial investment.”
Contrary to Australia’s population distribution, Queensland topped cybercrime reporting, followed by Victoria, New South Wales, Western Australia, and South Australia. Although they trail in absolute numbers, WA and SA recorded higher average financial losses. Overall, reported financial losses exceeded AU$33 billion.
The report was also far from rosy about the prospect of supply chain compromises like those of SolarWinds and Microsoft Exchange, calling them “the new norm”.
“Over the next 12 months, more supply chain compromises are likely to be revealed, major vulnerabilities will continue to emerge and Australia will experience more major financially motivated cyber incidents, some of which could disrupt critical services,” the report said.