Hundreds of attacks daily on critical organisations


By Dylan Bushell-Embling
Wednesday, 19 April, 2017

Hundreds of attacks daily on critical organisations

Nine in 10 important Australian organisations faced some form of attempted or successful cyber attack in the 2015–16 financial year, with some critical infrastructure organisations being attacked hundreds of times per day.

These were among the findings of the latest report from the Australian Cyber Security Centre (ACSC) covering both government and private sector organisations of national significance.

The report finds that through spear phishing emails alone, organisations are being attacked up to hundreds of times per day.

In total, 86% of surveyed organisations experienced attempts to compromise their network data or system, with 58% experiencing at least one successful attack.

Sixty per cent of organisations surveyed experienced tangible impacts on their business due to attempted or successful compromises, despite rating the incidences as relatively low in severity.

On the bright side, the majority of organisations surveyed displayed a high level of cyber resilience — defined as “an organisation’s ability to prepare for, withstand and recover from cyber threats and attacks”.

But there are still improvements that need to be made, the ACSC said. Just over half (51%) of organisations surveyed said they tend to be alerted to possible breaches by external third parties before detecting it themselves, suggesting that “organisations are not adequately focusing on monitoring networks and detecting potentially malicious activity”, the report states.

Likewise, while a number of organisations have embraced practices such as BYOD or remote work that offer greater workplace flexibility, significantly fewer have implemented mobile device management or identity and access management solutions to mitigate the increased risks these practices bring.

“Despite these gaps there have been improvements. For example, 71% of organisations report having a cybersecurity incident response plan in place compared with 60% in [a 2015 survey],” the report states.

“Now the focus needs to be on ensuring those plans remain relevant. Of all organisations that have incident response plans, less than half (46%) regularly review and exercise these plans. Fifteen per cent either never test the plan, or test it on an ad hoc basis, with 24% testing less than once a year.”

Image courtesy of iaBeta under CC

Follow us on Twitter and Facebook

Related Articles

Adapting to new cybersecurity challenges: a roadmap for Australian government agencies

Given the rise in cyber threats against government networks and critical infrastructure sectors,...

Growing fraud trends in Australian health care

As the healthcare landscape evolves, so do the methods of fraud.

Overcoming the top cybersecurity challenges faced by public agencies

With a new cybersecurity strategy out and the right approach to key challenges, the public sector...

Content from other channels on our network

Future Made in Australia Act welcomed by climate orgs

An interconnected ASEAN Power Grid: report

What Australia thinks about the energy transition

Call for improved train lighting to save lives

Foiling hackers in the smart home era

Zendesk launches AI-powered customer experience solution

How breakfast influences student achievement

Fujitsu establishes security consulting division

Ingram Micro Experience 2024 open for registrations

Secure-by-design software development for digital innovation

What factors influence hospital staff retention?

Hospital uses AI model to improve physician–nurse collaboration

Finalists announced for 2024 HESTA Australian Nursing & Midwifery Awards

GenesisCare expands with $35m Northern Beaches cancer centre

In Conversation with Royal Women's Hospital CEO Sue Matthews

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd