Search

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Cloud computing security for cloud service providers   Publication

Jan 18, 2024 - This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.

Enhanced visibility and hardening guidance for communications infrastructure   Advisory

Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.

Secure your Wi-Fi and router   Guidance

Oct 29, 2024 - How to make your software, devices and networks harder to access and more resilient to attack.

Malicious email mitigation strategies   Publication

Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

2022 Top Routinely Exploited Vulnerabilities   Advisory

Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).

Threat update: COVID-19 malicious cyber activity 20 April 2020   Advisory

Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.

How to combat fake emails   Publication

Oct 6, 2021 - Organisations can reduce the likelihood of their domains being used to support fake emails by implementing Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records in their Domain Name System (DNS) configuration. Using DMARC with DomainKeys Identified Mail (DKIM) to sign emails provides further safety against fake emails. Likewise, organisations can better protect their users against fake emails by ensuring their email systems use and apply SPF, DKIM and DMARC policies on inbound email.

PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure   Advisory

Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure   Advisory

Sep 6, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.

Summary of Tactics, Techniques and Procedures Used to Target Australian Networks   Advisory

May 20, 2020 - This advisory provides information on methods to detect many of the TTPs listed. Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs.

People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations   Advisory

Sep 19, 2024 - Cyber actors may have used botnet to compromise thousands of Internet-connected devices.

Priority logs for SIEM ingestion: Practitioner guidance   Publication

May 27, 2025 - This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.

ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022   Reports and statistics

Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.

Glossary  

List of glossary terms used on cyber.gov.au website

ASD Cyber Threat Report 2022-2023   Reports and statistics

Nov 14, 2023 - The ASD's Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System   Advisory

Aug 28, 2025 - This joint cyber security advisory gives vital insights on People’s Republic of China (PRC) state-sponsored cyber threat actors, how they gain and maintain persistent access, and the capabilities they have. It provides threat hunting guidance and mitigation strategies to help safeguard your networks.

Guidelines for system management   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on system management.

Planning for post-quantum cryptography   Publication

Sep 22, 2025 - A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cyber security risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.

Secure your NAS device   Guidance

Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.

Using the information security manual   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.

Guidelines for evaluated products   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on evaluated products.

Guidelines for cybersecurity roles   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity roles.

Guidelines for communications infrastructure   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications infrastructure.

Advice for Malicious Cyber Activity by Iran   News

Sep 15, 2022 - Australian organisations are urged to be alert to continued malicious cyber activity conducted by Advanced Persistent Threat (APT) actors, assessed to be affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).

Exercise in a Box is here   News

Nov 17, 2022 - This service provides an all in one platform that your organisation can use to assess and improve its cyber security practices in your own time, in a safe environment, and as many times as you want.

Choosing secure and verifiable technologies   Publication

Dec 5, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.

Cyber security for charities and not-for-profits   Guidance

Sep 30, 2025 - How to avoid common cyber threats and protect your mission .

Cloud services   Program page

Feb 24, 2023 - The Cloud Services Certification Program (CSCP) ceased on 2 March 2020. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) ceased the Certified Cloud Services List (CCSL) on 27 July 2020 and concurrently released the Cloud Security Guidance package.