Australia’s Assistant Minister for Defence has released the second ACSC Annual Cyber Threat Report: July 2020 to June 2021 in Perth. The ACSC Annual Cyber Threat Report details the key cyber threats Australians face, and provides critical advice on how to protect yourself online, jointly compiled by the Australian Cyber Security Centre (ACSC), the Australian Federal Police and the Australian Criminal Intelligence Commission.
As Australians in record numbers worked remotely in response to the coronavirus pandemic, the ACSC received over 67,500 cybercrime reports over the last financial year – or one every eight minutes. This is an increase of nearly 13 percent from the previous year. Malicious cyber actors have pivoted to exploit the COVID-19 pandemic and are actively targeting vulnerable Australians and health services to conduct espionage, and steal money and sensitive data. Ransomware-related cybercrime reports increased nearly 15 per cent from the previous financial year, and ransomware remains one of the most serious cyber threats due to its financial and disruptive impacts.
Assistant Minister for Defence Andrew Hastie said that cyber is the new battleground, and it is a team effort and a shared responsibility to lift the nation’s cyber defences by implementing cyber security measures. “The Morrison Government’s first priority is to keep Australians safe both in the physical world and online,” Hastie said. “Malicious cyber criminals are escalating their attacks on Australians. We need all Australians to be vigilant by taking simple cyber security steps including using strong passphrases, enabling two-factor authentication, updating software and devices and maintaining regular data backups, as well as being on guard against malicious emails and texts.
“Approximately one-quarter of reported cyber security incidents affected critical infrastructure organisations, including essential services that all Australians require, such as education, communications, electricity, water, and transport,” Hastie said. “The health sector reported the second highest number of ransomware incidents, right at a time when Australians are most reliant on our health workers to help us respond and recover through the pandemic. The government is taking action, we have introduced legislations to ensure that in the event of a large-scale cyber attack on our critical infrastructure, our cyber and law enforcement agencies are empowered to provide greater and more immediate support to the victims. While our agencies will continue undertake cyber offensive operations against those who would seek to do us harm.”
During the 12-month period from July 2020 to June 2021, the ACSC received over 1,500 cybercrime reports per month that related to the COVID-19 pandemic, and removed more than 110 malicious COVID-19 themed websites, with assistance from Telstra and Services Australia. “Through effective reporting and partnerships with foreign and domestic agencies, the ACSC was able to provide advice and assistance for over 1,630 cyber security incidents, and run 18 cyber security exercises involving over 50 organisations to strengthen Australia’s cyber resilience,” Hastie said. “I encourage every Australian business, organisation and family to report cybercrime through ReportCyber and subscribe to the ACSC’s alert service to receive free vital advice or become a Partner of the ACSC.”
The ACSC Annual Cyber Threat Report is available at http://www.cyber.gov.au/acsc/view-all-content/publications/acsc-annual-cyber-threat-report-2021. The ACSC regularly posts cyber advice and step-by-step guides tailored for all Australians and Australian businesses and organisations, available through cyber.gov.au. The ACSC is contactable 24/7 via email (firstname.lastname@example.org) or by calling the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371).