Mar 27, 2020 - Mr Karl Hanmore, acting Head Australian Cyber Security Centre, interview with Wendy Harmer and Robbie Buck on ABC Radio Sydney, 27 March 2020 WENDY HARMER: Well, you can go to NSW Health, of course, for all the latest on the coronavirus and don't forget to go to the ABC web page as well. We have heaps of stuff there for you to look at: all the latest advice, all the latest maps and stats and everything that you need there.
Mar 27, 2020 - The Australian Cyber Security Centre (ACSC) is aware of Microsoft’s recent disclosure of two remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library. Microsoft reports that there is targeted exploitation of these vulnerabilities. The vulnerabilities affect all supported versions of Windows and Windows Server. These vulnerabilities occur when Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.
Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community. Remember to incorporate cyber security into your contingency planning.
Mar 12, 2020 - The ACSC is aware of Microsoft’s recent disclosure of a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol called CVE-2020-0796, also known as EternalDarkness.
Mar 2, 2020 - In late July 2019, the Australian Signals Directorate (ASD) commissioned an independent review of its Cloud Services Certification Program (CSCP) and Information Security Registered Assessors Program (IRAP). The Review considered the perspectives of industry and government stakeholders to ensure the proposed recommendations support Commonwealth entities, Australian businesses and the community while maximising cyber security and resilience to protect against evolving cyber threats. The review made the following recommendations:
Dec 25, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability that exists in the Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway).
Nov 28, 2019 - Australians are urged to be vigilant and protect themselves online, especially over the busy festive period. The Australian Cyber Security Centre receives one cybercrime report every ten minutes from individuals and businesses. The most common types of cybercrime reported are identity theft, online fraud, shopping scams, online romance scams and business email compromise. Cybercriminals don’t discriminate and their crimes impact Australians of all ages, as well as businesses.
Nov 7, 2019 - UPDATE: As at 12th November 2019 the CIMA level returned to Level 5 - Normal Conditions. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency. The Cyber Incident Management Arrangements (CIMA) remain activated, however the alert level has been downgraded to Level 4 – ‘Lean Forward’.
Oct 24, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments. Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.
Oct 1, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a working exploit for a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution software. The vulnerability, known as CVE-2019-11510, was initially disclosed in April 2019 and has resurfaced after the ACSC received multiple reports of this exploit being publicly available for use on Pastebin and GitHub.
Sep 7, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of the overnight release of a working exploit for the vulnerability known as BlueKeep (CVE-2019-0708). Australian businesses and users of older versions of Windows should update their systems as soon as practically possible, before hackers further refine their tools and tradecraft in order to fully utilise this exploit.
Sep 4, 2019 - The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats. Updated monthly, the ISM is created primarily for Chief Information Security Officers and cyber security professionals to keep up-to-date with current cyber security risks and appropriate mitigation strategies.
Aug 29, 2019 - The Australian Cyber Security Centre (ACSC) has been actively working with energy sector organisations and government agencies to strengthen their resilience to cyber security threats. In November 2018, the ACSC commenced a nationwide program of cyber security resilience and response activities for Australia’s electricity industry.
Aug 28, 2019 - It takes a team effort to make Australia the safest place to connect online, and this is one of the reasons why the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is undertaking its largest-ever survey of small to medium-sized businesses in Australia.
Aug 12, 2019 - Thousands of Australian businesses using older Windows systems should immediately install a patch to avoid being compromised. The Australian Signals Directorate (ASD) is aware of malicious activity that indicates potential widespread abuse of the BlueKeep vulnerability known as CVE-2019-0708, affecting older versions of Windows operating systems including the Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems.
Jul 26, 2019 - The ACSC has developed tailored advice to help organisations manage the increased cyber security risks, including when data is being migrated from one system to another. Businesses undergoing major organisational change, whether it be through a merger, acquisition or Machinery of Government changes, are an attractive target for cyber criminals because of significant upheaval and disruption to the normal flow of business.
Jul 25, 2019 - The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.
Jul 23, 2019 - The ACSC is warning small to medium sized businesses supplying IT and electrical products of a socially engineered email scam requesting quotes on goods. A number of Australian businesses have been forced to close since the scam began due to the losses they have sustained. The amounts lost average between $30K and $100K with the largest to date being $170K. To date, the cyber criminals have yielded more than $700,000 through what has been termed freight forwarding scams.
Jul 2, 2019 - Cyber criminal activity is constantly evolving so the advice of the ACSC constantly evolves, too. As the lead agency on cyber security, the ACSC assists organisations by adopting a risk management approach and providing expert advice that best meets their specific needs. It’s never one-size-fits-all. Our expert advice helps government protect their networks, staff and customers.
Jul 1, 2019 - An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
Jun 17, 2019 - The ACSC Small Business Survey is being shared with a range of government and small business support groups around Australia, inviting members and stakeholders to participate. The survey is an opportunity to share the challenges small businesses face and to know what they’re worried about, so we can help businesses of all kinds manage risks and minimise harm.
Jun 6, 2019 - The ACSC is aware of Microsoft’s recent disclosure of a remote desktop vulnerability called CVE-2019-0708, also known as BlueKeep. As an indication of just how significant the impacts of BlueKeep can be to their customers, Microsoft took the unusual step of publishing advice to warn of its ability to propagate or ‘worm’ through vulnerable computer systems, with no user interaction at all.
May 25, 2019 - The ACSC is aware of a security incident affecting the Australian online design platform, Canva. Canva assures the ACSC it has taken the necessary steps to mitigate the incident and is encouraging all users to change their passwords as a precaution.
May 23, 2019 - The ACSC regularly receives reports from businesses and members of the public about remote access scams. Most of these reports are from people whose devices have been remotely accessed by scammers pretending to be from IT companies, telecommunications companies, banks or even from the ACSC, who attempt to access people’s bank accounts, email, and social media channels, usually changing the passwords and locking users out of their accounts.
May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses.
May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps.
May 15, 2019 - This week is national Privacy Awareness Week, an annual initiative of the Office of the Australian Information Commissioner (OAIC) that raises awareness of privacy issues and the importance of protecting personal information. Malicious or criminal attacks are deliberately crafted to exploit known vulnerabilities for financial or other gain. Many cyber incidents exploit vulnerabilities involving a human factor, such as unwittingly clicking on a malicious link and disclosing passwords.
May 9, 2019 - Telephone scams - where people pretend to be from a reputable organisation to try to get access to your computer and your bank account - are a constant threat. The ACSC is aware of a new scam where callers pretend to be from the ACSC, seeking your help to act against cyber criminals. These scammers try to coax individuals into actions that could compromise computers or reveal bank information. These types of scams are also called ‘remote access scams’ or impersonation scams.
May 2, 2019 - The Australian Cyber Security Centre (ACSC) has released a checklist to help Australians protect themselves from cyber criminals. Lottery and grant scams, identity theft, investment scams, hacking, phishing, dating and romance scams, online abuse and sextortion are just some of the threats people face.
Apr 17, 2019 - Head of the Australian Cyber Security Centre Alastair MacGibbon has issued an update for registered MSPs and those considering applying to join the Managed Service Provider Partner Program – MSP3. Registration has been extended through to 30 April 2019 and the due date for the return of the surveys is now 31 May 2019. For more information you can view the Program Update here.
Apr 3, 2019 - Cyber criminals are trying to commit payroll fraud by sending fake emails requesting a change to your bank details. The Australian Cyber Security Centre (ACSC) is aware that fraudulent emails have been received by organisations across Australia. These emails spoof the emails and signature blocks of staff, and are sent to HR/payroll areas appearing to ask for a change in bank account details for the current or next pay. Workers often become targets while on holiday, when their Facebook or Instagram updates reveal that they are away for an extended period of time.
Apr 1, 2019 - The ACSC Partnership Program is increasingly bringing industry, academia, law enforcement and government agencies together in collaborative workspaces, enabling information-sharing and network-hardening across the economy.
Mar 30, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails that are falsely advising Australians that their account has violated Paypal rules. These phishing emails try to lure the recipient into sharing personal information, which could then be used for identity theft and financial gain by cyber criminals. The recipient is told their account will be permanently disabled within 48 hours unless the user logs-in using the link provided within the email to ‘update account details’ and ‘activate your account’.
Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.
Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) advises users of Drupal and Firefox to implement the latest fixes for vulnerabilities. Cyber criminals will use any weakness in software and apps to access your phone or device. You can protect yourself by installing the updates that are regularly distributed by the company and are designed to fix these weaknesses. These updates can introduce new features as well as fix newly discovered vulnerabilities. To stay one step ahead of updates, and cyber criminals, we recommend that you set your phone and device/s to auto update.
Mar 21, 2019 - Norsk Hydro, a Norwegian aluminium and renewable energy company, was subject to a ransomware attack on Tuesday, 19 March 2019. The company confirmed the attack in a statement on their website.
Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected. More information about the update can be found here.
Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that, due to their involvement in illegal material, the recipient’s personal information, such as addresses, contact information and information relating to their relative/s, is contained in a case file. The recipient is advised they can avoid arrest by paying $10,000 USD in bitcoin.
Mar 8, 2019 - Network engineering, common sense and top-grade resilience have propelled Kylie McDevitt into her role in the heart of cyber security in Australia’s capital. Kylie is the director of a security research and engineering team within the Australian Cyber Security Centre (ACSC) and is also founder of BSides Canberra – the largest hacker forum in Australia. Better known by her Twitter handle @kylieengineer, she has much wisdom to share about studying and working as a minority since the 1990s.
Mar 8, 2019 - The Australian Cyber Security Centre (ACSC) advises Google Chrome users to update their browser in order to patch a known vulnerability. Google has released Chrome version 72.0.3626.121 for Mac, Windows and Linux. The update addresses a vulnerability which allows a remote attacker to take control of an affected system. The ACSC recommends users apply the necessary updates to ensure their systems are best protected.
Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, cause loss of communication between devices, or prevent multi-factor authentication or logging in to computers.
Feb 19, 2019 - During the course of the investigation into the recent compromise of the Australian Parliament House network, the ACSC has identified that networks of some political parties have also been affected by a cyber security incident. In speeches delivered to Parliament on Monday 18 February 2019, Prime Minister Scott Morrison and Opposition Leader Bill Shorten acknowledged the Australian security and intelligence community have detected malicious activity by a sophisticated state actor, on the networks of a number of Australian political parties including Liberal, Labor and The…
Feb 7, 2019 - The Australian Cyber Security Centre (ACSC) urges organisations to step up efforts to protect themselves from cyber criminals, after the December quarter Notifiable Data Breaches Quarterly Statistics Report revealed an increase in reported malicious or criminal activity. The Office of the Australian Information Commissioner (OAIC) report found that malicious or criminal activity was the leading cause of data breaches in the quarter at 64 per cent of notifications, an increase from the previous quarter's 57 per cent.
Feb 5, 2019 - Today marks Safer Internet Day (SID), and the Australian Cyber Security Centre (ACSC) is a proud partner in supporting this year's theme -- 'Together for a better internet'. SID is an annual, worldwide event led by the Office of the eSafety Commissioner. This year they are encouraging individuals to create a better internet by developing four critical skills known as the 4Rs: Respect, Responsibility, Reasoning and Resilience.
Feb 1, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a phone scam asking staff members of a critical infrastructure organisation to reveal their multifactor authentication credentials. The scammers seek to convince staff members to reveal their credentials by impersonating the service desk on a direct telephone call.
Jan 24, 2019 - The Australian Cyber Security Centre (ACSC) has certified Amazon Web Services (AWS) for hosting Australian Government data classified up to the PROTECTED classification level, providing assurance to Australian Government agencies that AWS complies with Australian Government security requirements. ‘Amazon Web Services joins other providers on the Certified Cloud Services List (CCSL) that meet stringent Australian Government security requirements for hosting PROTECTED data,’ said Alastair MacGibbon, Head of the ACSC.
Jan 23, 2019 - Whether you’re an individual or part of an organisation, the data dump of billions of stolen passwords and email addresses is a reminder to take action to protect yourself and your information. The Australian Cyber Security Centre (ACSC) is aware that the so-called Collection #1 data dump of stolen credentials has now been followed by the release on the dark web of Collections #2, #3, #4 and #5. All 5 collections add up to 1 terabyte in size with 100 billion records in total.
Jan 18, 2019 - The global hack of ICT managed service providers, or MSPs, has affected businesses across Australia and the world. MSPs manage IT services and infrastructure for businesses of all sizes, and access their customers’ systems remotely, making them attractive targets for state actors and cybercriminals. If you use the services of an MSP, the global hack means your business may have been compromised, leaving your intellectual property and customer data, among other critical information, vulnerable.
Jan 18, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a significant data breach affecting 773 million email addresses and usernames. Titled 'Collection #1', the data breach was made public by Australian cyber security expert Troy Hunt, who identified that a large number of credential lists had been distributed on a known hacking forum.
Jan 14, 2019 - At this time of the year, Australia sees its fair share of extreme weather events. From savage storms to raging bushfires, these extreme weather conditions can take place unexpectedly, leaving Australians little time to consider the possibility of being the target of cybercrime. Cybercriminals will take advantage of these stressful situations, pursuing individuals and businesses when they least expect. As witnessed in the United States late last year during Hurricane Florence, cyber scammers are indiscriminate in who they choose to target and will attempt to make a profit in…