Skip to main content

News

critical infrastructure

Safeguarding Australia’s Critical Infrastructure From Cyber Attack

May 22, 2020 - The Australian Cyber Security Centre (ACSC) has produced advice to help critical infrastructure providers protect themselves from cyber attack as key staff work remotely during the COVID-19 pandemic. Critical infrastructure facilities such as power and water distribution networks, as well as transport and communications grids, are potential targets for malicious cyber adversaries in Australia and elsewhere.

Unacceptable Malicious Cyber Activity

May 20, 2020 - Joint Statement Australian Department of Foreign Affairs and Trade Australian Cyber Security Centre As Australians and the international community band together to respond to COVID-19, the Australian Government is concerned that malicious cyber actors are seeking to exploit the pandemic for their own gain. Of particular concern are reports that malicious cyber actors are seeking to damage or impair the operation of hospitals, medical services and facilities, and crisis response organisations outside of Australia. 
Man and woman programming

Government service agents urged to protect clients and themselves

May 12, 2020 - Agents of government services, such as taxation agents, BAS agents and taxation (financial) advisers, are attractive targets for cybercriminals. The ACSC has published Cyber Security for Agents of Government Services to help agents protect their clients' valuable and personal information, and their own businesses.

APT activity targeting Australian health sector

May 8, 2020 - Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities in Australia. The ACSC issued an advisory on 8 May 2020 with recommendations for the health sector to implement as part of their mitigation strategies.
Cyber resilience

National cyber security exercises for Australia’s electricity industry

Apr 30, 2020 - In November 2019, the ACSC coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies. The exercises were designed to strengthen industry and governments’ coordinated response to a significant cyber incident affecting Australia’s electricity sector.
Threat update: COVID-19 malicious cyber activity

COVID-19 cyber scams mount against Australians

Apr 20, 2020 - Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes.
Woman using laptop

Sextortion email campaign impacting Australians

Apr 16, 2020 - A large number of Australians are being impacted by an email ‘sextortion’ campaign. Australians are urged to not make payments, to cease all contact with the scammers, and delete the email.
Diverse man working from home

Are you cyber-safe at home?

Apr 15, 2020 - With increasing numbers of Australians working from home to combat the spread and impact of COVID-19, the Australian Cyber Security Centre (ACSC) has issued a new advisory containing tips to reduce the risk of Australians falling victim to cybercriminals at home.
Warehouse - small business - man - landing

Protecting small business against cyber attacks during COVID-19

Apr 7, 2020 - The Australian Cyber Security Centre (ACSC) has published advice on how small businesses can better protect themselves from cyber attacks and disruptions during COVID-19. The Head of the ACSC, Ms Abigail Bradshaw CSC, said since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia and small businesses are far from immune.
Australian Government - Australian Signals Directorate - Australian Cyber Security Centre

Cyber scams during the COVID-19 crisis - ABC Radio interview

Mar 27, 2020 - Mr Karl Hanmore, acting Head Australian Cyber Security Centre, interview with Wendy Harmer and Robbie Buck on ABC Radio Sydney, 27 March 2020
Microsoft logo

Microsoft warns of vulnerabilities in Adobe Type Manager Library

Mar 27, 2020 - The Australian Cyber Security Centre (ACSC) is aware of Microsoft’s recent disclosure of two remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library. Microsoft reports that there is targeted exploitation of these vulnerabilities.  The vulnerabilities affect all supported versions of Windows and Windows Server. These vulnerabilities occur when Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. 
Lady using laptop

Cyber security is essential when preparing for COVID-19

Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community. Remember to incorporate cyber security into your contingency planning.
Microsoft logo

Microsoft warns of vulnerabilities in SMBv3 [update: patch released 13 March 2020]

Mar 12, 2020 - The ACSC is aware of Microsoft’s recent disclosure of a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol called CVE-2020-0796, also known as EternalDarkness.
Latest news

Joint Australian Signals Directorate and Digital Transformation Agency Public Statement on Independent Review of CSCP and IRAP

Mar 2, 2020 - In late July 2019, the Australian Signals Directorate (ASD) commissioned an independent review of its Cloud Services Certification Program (CSCP) and Information Security Registered Assessors Program (IRAP). The Review considered the perspectives of industry and government stakeholders to ensure the proposed recommendations support Commonwealth entities, Australian businesses and the community while maximising cyber security and resilience to protect against evolving cyber threats. The review made the following recommendations:

ACSC aware of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway

Dec 25, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability that exists in the Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway). The vulnerability, known as CVE-2019-19781, was initially disclosed on 17 December 2019 and could allow an unauthenticated attacker to perform arbitrary code execution on an organisation’s local network.

Online fraud and shopping scams among the top cybercrimes targeting Australians

Nov 28, 2019 - Australians are urged to be vigilant and protect themselves online, especially over the busy festive period. The Australian Cyber Security Centre receives one cybercrime report every ten minutes from individuals and businesses. The most common types of cybercrime reported are identity theft, online fraud, shopping scams, online romance scams and business email compromise.  Cybercriminals don’t discriminate and their crimes impact Australians of all ages, as well as businesses.

National Cyber Security Committee urges vigilance as two concerning cyber security threats are in the wild

Nov 7, 2019 - UPDATE: As at 12th November 2019 the CIMA level returned to Level 5 - Normal Conditions. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency. The Cyber Incident Management Arrangements (CIMA) remain activated, however the alert level has been downgraded to Level 4 – ‘Lean Forward’.
Check Scam Message Artwork

Widespread exploitation of vulnerable systems via Emotet malware

Oct 24, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments. Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.
Pulse Secure Logo

Vulnerability in Pulse Connect Secure VPN Software

Oct 1, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a working exploit for a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution software The vulnerability, known as CVE-2019-11510, was initially disclosed in April 2019 and has resurfaced after the ACSC has received multiple reports of this publicly available exploit available for use on Pastebin and GitHub.
Microsoft logo

ACSC confirms the public release of BlueKeep exploit

Sep 7, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of the overnight release of a working exploit for the vulnerability known as BlueKeep (CVE-2019-0708). Australian businesses and users of older versions of Windows should update their systems as soon as practically possible, before hackers further refine their tools and tradecraft in order to fully utilise this exploit.
Code on mobile and laptop

Australian Government Information Security Manual updated

Sep 4, 2019 - The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats. Updated monthly, the ISM is created primarily for Chief Information Security Officers and cyber security professionals to keep up-to-date with current cyber security risks and appropriate mitigation strategies.
Cyber resilience

Electricity program generates a buzz

Aug 29, 2019 - The Australian Cyber Security Centre (ACSC) has been actively working with energy sector organisations and government agencies to strengthen their resilience to cyber security threats. In November 2018, the ACSC commenced a nationwide program of cyber security resilience and response activities for Australia’s electricity industry.
stall holder

Largest survey to improve cyber security for Australia’s small businesses

Aug 28, 2019 - It takes a team effort to make Australia the safest place to connect online, and this is one of the reasons why the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is undertaking its largest-ever survey of small to medium-sized businesses in Australia.
Microsoft logo

UPDATE: ACSC confirms potential exploitation of BlueKeep vulnerability

Aug 12, 2019 - Thousands of Australian businesses using older Windows systems should immediately install a patch to avoid being compromised. The Australian Signals Directorate (ASD) is aware of malicious activity that indicates potential widespread abuse of the BlueKeep vulnerability known as CVE-2019-0708, affecting older versions of Windows operating systems including the Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems.
desk people

Cyber security best-practice in mergers, acquisitions and MoG changes

Jul 26, 2019 - The ACSC has developed tailored advice to help organisations manage the increased cyber security risks, including when data is being migrated from one system to another. Businesses undergoing major organisational change, whether it be through a merger, acquisition or Machinery of Government changes, are an attractive target for cyber criminals because of significant upheaval and disruption to the normal flow of business.
Code on mobile and laptop

Cyber defences tested in the ACSC and Splunk BOTS Day

Jul 25, 2019 - The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.
Email scam

Business Email Compromise freight forwarding scam

Jul 23, 2019 - The ACSC is warning small to medium sized businesses supplying IT and electrical products of a social engineered email scam requesting quotes on goods. A number of Australian businesses have been forced to close since the scam began due to the losses they have sustained. The amounts lost average between $30K and $100K with the largest to date being $170K. To date, the cyber criminals have yielded more than $700,000 through what has been termed freight forwarding scams.
Essential Eight

Updates to the Essential Eight Maturity Model

Jul 2, 2019 - Cyber criminal activity is constantly evolving so the advice of the ACSC constantly evolves, too. As the lead agency on cyber security, the ACSC assists organisations by adopting a risk management approach and providing expert advice that best meets their specific needs. It’s never one-size-fits-all. Our expert advice helps government protect their networks, staff and customers.
acsc-asean-2019

ACSC-ASEAN Strengthening Regional Cyber Security

Jul 1, 2019 - An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
we want to hear from you. Cyber security survey for small business

ACSC Small Business Survey. Tell us about your cyber security challenges

Jun 17, 2019 - The ACSC Small Business Survey is being shared with a range of government and small business support groups around Australia, inviting members and stakeholders to participate. The survey is an opportunity to share the challenges small businesses face and to know what they’re worried about, so we can help businesses of all kinds manage risks and minimise harm.
Microsoft logo

Australian Cyber Security Centre advises Windows users across Australia to protect against BlueKeep

Jun 6, 2019 - The ACSC is aware of Microsoft’s recent disclosure of a remote desktop vulnerability called CVE-2019-0708, also known as BlueKeep. As an indication of just how significant the impacts of BlueKeep can be to their customers, Microsoft took the unusual step of publishing advice to warn of its ability to propagate or ‘worm’ through vulnerable computer systems, with no user interaction at all.
Canva logo

Canva users advised to change your password

May 25, 2019 - The ACSC is aware of a security incident affecting the Australian online design platform, Canva. Canva assures the ACSC it has taken the necessary steps to mitigate the incident and is encouraging all users to change their passwords as a precaution.
Two Factor Password

Never let a stranger remotely access your devices

May 23, 2019 - The ACSC regularly receives reports from businesses and members of the public about remote access scams. Most of these reports are from people whose devices have been remotely accessed by scammers pretending to be from IT companies, telecommunications companies, banks or even from the ACSC, who attempt to access people’s bank accounts, email, and social media channels, usually changing the passwords and locking users out of their accounts.
Software update

You need to patch to protect your business online

May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses.
WhatsApp logo

Users advised to update WhatsApp

May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps.
small and medium business logo

Follow our essential steps to protect your business

May 15, 2019 - This week is national Privacy Awareness Week, an annual initiative of the Office of the Australian Information Commissioner (OAIC) that raises awareness of privacy issues and the importance of protecting personal information. Malicious or criminal attacks are deliberately crafted to exploit known vulnerabilities for financial or other gain. Many cyber incidents exploit vulnerabilities involving a human factor, such as unwittingly clicking on a malicious link and disclosing passwords.
Scammer calling

Phone scammers impersonating ACSC

May 9, 2019 - Telephone scams - where people pretend to be from a reputable organisation to try to get access to your computer and your bank account - are a constant threat. The ACSC is aware of a new scam where people call who pretend to be from the ACSC, seeking your help to act against cyber criminals. These scammers try to coax individuals into actions that could compromise computers or reveal bank information. These types of scams are also called ‘remote access scams’ or impersonation scams.
Strong password artwork

Take steps to better secure yourself

May 2, 2019 - The Australian Cyber Security Centre (ACSC) has released a checklist to help Australians protect themselves from cyber criminals. Lottery and grant scams, identity theft, investment scams, hacking, phishing, dating and romance scams, online abuse and sextortion are just some of the threats people face.
MSP Partner Program

Registration date extended to join our MSP3 program

Apr 17, 2019 - Head of the Australian Cyber Security Centre Alastair MacGibbon has issued an update for registered MSPs and those considering applying to join the Managed Service Provider Partner Program – MSP3. Registration has been extended through to 30 April 2019 and the due date for the return of the surveys is now 31 May 2019. For more information you can view the Program Update here.     
exclamation mark to indicate urgent message

Subject -- Urgent payroll request

Apr 3, 2019 - Cyber criminals are trying to commit payroll fraud by sending fake emails requesting a change to your bank details. The Australian Cyber Security Centre (ACSC) is aware that fraudulent emails have been received by organisations across Australia. These emails spoof the emails and signature blocks of staff, and are sent to HR/payroll areas appearing to ask for a change in bank account details for the current or next pay.  Workers often become targets while on holiday, when their Facebook or Instagram updates reveal that they are away for an extended period of time.
JCSC

ACSC program enters its next phase through JCSCs

Apr 1, 2019 - The ACSC Partnership Program is increasingly bringing industry, academia, law enforcement and government agencies together in collaborative workspaces, enabling information-sharing and network-hardening across the economy.
PayPal logo

Fake Paypal emails request ‘account details’

Mar 30, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails that are falsely advising Australians that their account has violated Paypal rules. These phishing emails try to lure the recipient into sharing personal information, which could then be used for identity theft and financial gain by cyber criminals. The recipient is told their account will be permanently disabled within 48 hours unless the user logs-in using the link provided within the email to ‘update account details’ and ‘activate your account’.
Cyber resilience

Plug in to ACSC for cyber resilience

Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.
Software update

Keeping up with the updates

Mar 26, 2019 - The Australian Cyber Security Centre (ACSC) advises users of Drupal and Firefox to implement the latest fixes for vulnerabilities. Cyber criminals will use any weakness in software and apps to access your phone or device. You can protect yourself by installing the updates that are regularly distributed by the company and are designed to fix these weaknesses. These updates can introduce new features as well as fix newly discovered vulnerabilities. To stay one step ahead of updates, and cyber criminals, we recommend that you set your phone and device/s to auto update.
Aluminium rods

Norwegian aluminium giant hit by ransomware

Mar 21, 2019 - Norsk Hydro, a Norwegian aluminium and renewable energy company was subject to a Ransomware attack on Tuesday, 19 March 2019. The company confirmed the attack in a statement on their website
Wordpress logo

WordPress 5.1.1 security update

Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected. More information about the update can be found here
Unauthorised cryptomining

Fake CIA emails requesting Bitcoin or arrest

Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that due to their involvement in illegal material, the recipient’s personal information such as; addresses, contact information and information relating to their relative/s are contained in a case file. The recipient is advised they can avoid arrest by paying a $10,000 USD in bitcoin.
Photo of Kylie

Women in cyber security: Kylie McDevitt

Mar 8, 2019 - Network engineering, common sense and top-grade resilience have propelled Kylie McDevitt into her role in the heart of cyber security in Australia’s capital. Kylie is the director of a security research and engineering team within the Australian Cyber Security Centre (ACSC) and is also founder of BSides Canberra – the largest hacker forum in Australia. Better known by her Twitter handle @kylieengineer, she has much wisdom to share about studying and working as a minority since the 1990s.
Google chrome logo

Google Chrome Security Update

Mar 8, 2019 - The Australian Cyber Security Centre (ACSC) advises Google Chrome users update their browser in order to patch a known vulnerability. Google has released Chrome version 72.0.3626.121 for Mac, Windows and Linux. The update addresses a vulnerability which allows a remote attacker to take control of an affected system. The ACSC recommends users apply the necessary updates to ensure their systems are best protected.
Map with GPS markers

GPS week roll over April 6th

Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers.