ACSC receives one cybercrime report every 10 min
The Australian Cyber Security Centre (ACSC) received an average of one cybercrime report every 10 minutes during FY20 as the threat landscape further evolved.
The centre's inaugural Annual Cyber Threat Report for 2020 shows that there were 59,806 cybercrime incidents reported throughout the year, of which 2266 were deemed significant enough to require to ACSC intervention.
According to the report, the ACSC is now assisting in the response to an average of six cybersecurity incidents per day.
Malicious cyber activity against Australia's national and economic interests is increasing in frequency, scale and sophistication, the report shows. Ransomware has become one of the most significant threats to both businesses and government agencies.
The ACSC also warned that the likelihood and severity of cyber attacks is increasing due to Australia's growing dependence on new information technology platforms and interconnected devices and systems — a situation that is expected to be exacerbated by 5G and IoT network rollouts.
Incident trends captured in the report include two notable spikes in the frequency of cyber incident reports associated with the widespread Emotet malware campaign, and an uptick in threat activity taking advantage of the COVID-19 pandemic.
The agency in fact received over 45 pandemic-themed cybercrime and cybersecurity incident reports between 10 March and 26 March alone.
The most common type of cybersecurity incident involved phishing and spear-phishing campaigns — at 26% of the total. This was followed by reports of compromised systems, where an adversary has accessed or modified a network, account, database or website without authorisation (24%).
The ACSC also used the report to provide cybercrime statistics on the use of its online reporting tool ReportCyber during the year. The most common category of cybercrime reported in Australia was fraud (39.9%), followed by identity-related crimes (32.4%) and cyber abuse (22.1%).
But while the numbers show that fraud is the most common category, the ACSC said it assesses ransomware as the highest threat, due to factors involving how easy and cheaply such attacks can be mounted.
Interestingly, the largest number of cybercrime reports (14,630) came from Queensland, and both Queensland and Melbourne (14,061) had significantly more reports than the most populous state of NSW (12,689).
The ACT likewise had more reports (886) than the higher populated state of Tasmania (839), suggesting attackers favour targeting the seat of government.
Zero Trust, a strategic initiative designed to stop data breaches, has come of age in the last 12...
The Attorney-General's Department will recommend that the ACSC's Essential Eight threat...
As organisations increasingly rely on user data and employees access sensitive information from...