May 22, 2020 - The Australian Cyber Security Centre (ACSC) has produced advice to help critical infrastructure providers protect themselves from cyber attack as key staff work remotely during the COVID-19 pandemic. Critical infrastructure facilities such as power and water distribution networks, as well as transport and communications grids, are potential targets for malicious cyber adversaries in Australia and elsewhere.
May 20, 2020 - Joint Statement: Australian Department of Foreign Affairs and Trade; Australian Cyber Security Centre. As Australians and the international community band together to respond to COVID-19, the Australian Government is concerned that malicious cyber actors are seeking to exploit the pandemic for their own gain. Of particular concern are reports that malicious cyber actors are seeking to damage or impair the operation of hospitals, medical services and facilities, and crisis response organisations outside of Australia.
May 12, 2020 - Agents of government services, such as taxation agents, BAS agents and taxation (financial) advisers, are attractive targets for cybercriminals. The ACSC has published Cyber Security for Agents of Government Services to help agents protect their clients' valuable and personal information, and their own businesses.
May 8, 2020 - Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities in Australia. The ACSC issued an advisory on 8 May 2020 with recommendations for the health sector to implement as part of their mitigation strategies.
Apr 30, 2020 - In November 2019, the ACSC coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies. The exercises were designed to strengthen industry and governments’ coordinated response to a significant cyber incident affecting Australia’s electricity sector.
Apr 20, 2020 - Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes.
Apr 16, 2020 - A large number of Australians are being impacted by an email ‘sextortion’ campaign. Australians are urged to not make payments, to cease all contact with the scammers, and delete the email.
Apr 15, 2020 - With increasing numbers of Australians working from home to combat the spread and impact of COVID-19, the Australian Cyber Security Centre (ACSC) has issued a new advisory containing tips to reduce the risk of Australians falling victim to cybercriminals at home.
Apr 7, 2020 - The Australian Cyber Security Centre (ACSC) has published advice on how small businesses can better protect themselves from cyber attacks and disruptions during COVID-19. The Head of the ACSC, Ms Abigail Bradshaw CSC, said since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia and small businesses are far from immune.
Mar 27, 2020 - Mr Karl Hanmore, acting Head Australian Cyber Security Centre, interview with Wendy Harmer and Robbie Buck on ABC Radio Sydney, 27 March 2020
Mar 27, 2020 - The Australian Cyber Security Centre (ACSC) is aware of Microsoft’s recent disclosure of two remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library. Microsoft reports that there is targeted exploitation of these vulnerabilities. The vulnerabilities affect all supported versions of Windows and Windows Server. These vulnerabilities occur when Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.
Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community. Remember to incorporate cyber security into your contingency planning.
Mar 12, 2020 - The ACSC is aware of Microsoft’s recent disclosure of a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol called CVE-2020-0796, also known as EternalDarkness.
Mar 2, 2020 - In late July 2019, the Australian Signals Directorate (ASD) commissioned an independent review of its Cloud Services Certification Program (CSCP) and Information Security Registered Assessors Program (IRAP). The Review considered the perspectives of industry and government stakeholders to ensure the proposed recommendations support Commonwealth entities, Australian businesses and the community while maximising cyber security and resilience to protect against evolving cyber threats. The review made the following recommendations:
Dec 25, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability that exists in the Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway). The vulnerability, known as CVE-2019-19781, was initially disclosed on 17 December 2019 and could allow an unauthenticated attacker to perform arbitrary code execution on an organisation’s local network.
Nov 28, 2019 - Australians are urged to be vigilant and protect themselves online, especially over the busy festive period. The Australian Cyber Security Centre receives one cybercrime report every ten minutes from individuals and businesses. The most common types of cybercrime reported are identity theft, online fraud, shopping scams, online romance scams and business email compromise. Cybercriminals don’t discriminate and their crimes impact Australians of all ages, as well as businesses.
Nov 7, 2019 - UPDATE: As at 12th November 2019 the CIMA level returned to Level 5 - Normal Conditions. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency. The Cyber Incident Management Arrangements (CIMA) remain activated, however the alert level has been downgraded to Level 4 – ‘Lean Forward’.
Oct 24, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments. Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.
Oct 1, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a working exploit for a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution software. The vulnerability, known as CVE-2019-11510, was initially disclosed in April 2019 and has resurfaced after the ACSC received multiple reports of a publicly available exploit for it on Pastebin and GitHub.
Sep 7, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of the overnight release of a working exploit for the vulnerability known as BlueKeep (CVE-2019-0708). Australian businesses and users of older versions of Windows should update their systems as soon as practically possible, before hackers further refine their tools and tradecraft in order to fully utilise this exploit.
Sep 4, 2019 - The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats. Updated monthly, the ISM is created primarily for Chief Information Security Officers and cyber security professionals to keep up-to-date with current cyber security risks and appropriate mitigation strategies.
Aug 29, 2019 - The Australian Cyber Security Centre (ACSC) has been actively working with energy sector organisations and government agencies to strengthen their resilience to cyber security threats. In November 2018, the ACSC commenced a nationwide program of cyber security resilience and response activities for Australia’s electricity industry.
Aug 28, 2019 - It takes a team effort to make Australia the safest place to connect online, and this is one of the reasons why the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is undertaking its largest-ever survey of small to medium-sized businesses in Australia.
Aug 12, 2019 - Thousands of Australian businesses using older Windows systems should immediately install a patch to avoid being compromised. The Australian Signals Directorate (ASD) is aware of malicious activity that indicates potential widespread abuse of the BlueKeep vulnerability known as CVE-2019-0708, affecting older versions of Windows operating systems including the Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems.
Jul 26, 2019 - The ACSC has developed tailored advice to help organisations manage the increased cyber security risks, including when data is being migrated from one system to another. Businesses undergoing major organisational change, whether it be through a merger, acquisition or Machinery of Government changes, are an attractive target for cyber criminals because of significant upheaval and disruption to the normal flow of business.
Jul 25, 2019 - The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.
Jul 23, 2019 - The ACSC is warning small to medium-sized businesses supplying IT and electrical products of a socially engineered email scam requesting quotes on goods. A number of Australian businesses have been forced to close since the scam began due to the losses they have sustained. The amounts lost average between $30K and $100K, with the largest to date being $170K. To date, the cyber criminals have yielded more than $700,000 through what have been termed freight forwarding scams.
Jul 2, 2019 - Cyber criminal activity is constantly evolving so the advice of the ACSC constantly evolves, too. As the lead agency on cyber security, the ACSC assists organisations by adopting a risk management approach and providing expert advice that best meets their specific needs. It’s never one-size-fits-all. Our expert advice helps government protect their networks, staff and customers.
Jul 1, 2019 - An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) member nations compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
Jun 17, 2019 - The ACSC Small Business Survey is being shared with a range of government and small business support groups around Australia, inviting members and stakeholders to participate. The survey is an opportunity to share the challenges small businesses face and to know what they’re worried about, so we can help businesses of all kinds manage risks and minimise harm.
Jun 6, 2019 - The ACSC is aware of Microsoft’s recent disclosure of a remote desktop vulnerability called CVE-2019-0708, also known as BlueKeep. As an indication of just how significant the impacts of BlueKeep can be to their customers, Microsoft took the unusual step of publishing advice to warn of its ability to propagate or ‘worm’ through vulnerable computer systems, with no user interaction at all.
May 25, 2019 - The ACSC is aware of a security incident affecting the Australian online design platform, Canva. Canva assures the ACSC it has taken the necessary steps to mitigate the incident and is encouraging all users to change their passwords as a precaution.
May 23, 2019 - The ACSC regularly receives reports from businesses and members of the public about remote access scams. Most of these reports are from people whose devices have been remotely accessed by scammers pretending to be from IT companies, telecommunications companies, banks or even from the ACSC, who attempt to access people’s bank accounts, email, and social media channels, usually changing the passwords and locking users out of their accounts.
May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses.
May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps.
May 15, 2019 - This week is national Privacy Awareness Week, an annual initiative of the Office of the Australian Information Commissioner (OAIC) that raises awareness of privacy issues and the importance of protecting personal information. Malicious or criminal attacks are deliberately crafted to exploit known vulnerabilities for financial or other gain. Many cyber incidents exploit vulnerabilities involving a human factor, such as unwittingly clicking on a malicious link and disclosing passwords.
May 9, 2019 - Telephone scams - where people pretend to be from a reputable organisation to try to get access to your computer and your bank account - are a constant threat. The ACSC is aware of a new scam where callers pretend to be from the ACSC, seeking your help to act against cyber criminals. These scammers try to coax individuals into actions that could compromise computers or reveal bank information. These types of scams are also called ‘remote access scams’ or impersonation scams.
May 2, 2019 - The Australian Cyber Security Centre (ACSC) has released a checklist to help Australians protect themselves from cyber criminals. Lottery and grant scams, identity theft, investment scams, hacking, phishing, dating and romance scams, online abuse and sextortion are just some of the threats people face.
Apr 17, 2019 - Head of the Australian Cyber Security Centre Alastair MacGibbon has issued an update for registered MSPs and those considering applying to join the Managed Service Provider Partner Program – MSP3. Registration has been extended through to 30 April 2019 and the due date for the return of the surveys is now 31 May 2019.
Apr 3, 2019 - Cyber criminals are trying to commit payroll fraud by sending fake emails requesting a change to your bank details. The Australian Cyber Security Centre (ACSC) is aware that fraudulent emails have been received by organisations across Australia. These emails spoof the emails and signature blocks of staff, and are sent to HR/payroll areas appearing to ask for a change in bank account details for the current or next pay. Workers often become targets while on holiday, when their Facebook or Instagram updates reveal that they are away for an extended period of time.
Apr 1, 2019 - The ACSC Partnership Program is increasingly bringing industry, academia, law enforcement and government agencies together in collaborative workspaces, enabling information-sharing and network-hardening across the economy.
Mar 30, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails that are falsely advising Australians that their account has violated PayPal rules. These phishing emails try to lure the recipient into sharing personal information, which could then be used for identity theft and financial gain by cyber criminals. The recipient is told their account will be permanently disabled within 48 hours unless they log in using the link provided within the email to ‘update account details’ and ‘activate your account’.
Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.
Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) advises users of Drupal and Firefox to implement the latest fixes for vulnerabilities. Cyber criminals will use any weakness in software and apps to access your phone or device. You can protect yourself by installing the updates that are regularly distributed by the company and are designed to fix these weaknesses. These updates can introduce new features as well as fix newly discovered vulnerabilities. To stay one step ahead of updates, and cyber criminals, we recommend that you set your phone and device/s to auto update.
Mar 21, 2019 - Norsk Hydro, a Norwegian aluminium and renewable energy company, was subject to a ransomware attack on Tuesday, 19 March 2019. The company confirmed the attack in a statement on their website.
Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected.
Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that, due to their involvement in illegal material, the recipient’s personal information, such as addresses, contact information and information relating to their relative/s, is contained in a case file. The recipient is advised they can avoid arrest by paying $10,000 USD in bitcoin.
Mar 8, 2019 - Network engineering, common sense and top-grade resilience have propelled Kylie McDevitt into her role in the heart of cyber security in Australia’s capital. Kylie is the director of a security research and engineering team within the Australian Cyber Security Centre (ACSC) and is also founder of BSides Canberra – the largest hacker forum in Australia. Better known by her Twitter handle @kylieengineer, she has much wisdom to share about studying and working as a minority since the 1990s.
Mar 8, 2019 - The Australian Cyber Security Centre (ACSC) advises Google Chrome users to update their browser in order to patch a known vulnerability. Google has released Chrome version 72.0.3626.121 for Mac, Windows and Linux. The update addresses a vulnerability which allows a remote attacker to take control of an affected system. The ACSC recommends users apply the necessary updates to ensure their systems are best protected.
Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log timestamp information, communication between devices, multi-factor authentication, or the ability to log in to computers.