Search

Remote working  

Jul 30, 2024 - This page lists publications on working securely when away from the office environment.

Social media terms of use  

May 7, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

Set secure passphrases  

Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence. 

Report and recover from hacking   Guidance

Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.

Engaging with artificial intelligence   Publication

Jan 24, 2024 - The purpose of this paper is to provide organisations with guidance on how to use artificial intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cybersecurity mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.

Launch of the Annual Threat Report   News

Nov 4, 2022 - The Annual Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.

Security tips for social media and messaging apps   Publication

Jul 14, 2022 - It's a great way to stay in touch and share content online. This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.

Cryptomining   Threat

Jun 23, 2020 - Cryptocurrency mining (cryptomining) uses the processing power of computers to solve complex mathematical problems and verify cybercurrency transactions. The miners are then rewarded with a small amount of cybercurrency.

Protecting against business email compromise   Publication

Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.

Report and recover from business email compromise   Guidance

Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.

Quishing   Threat

Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.

Managing cryptographic keys and secrets   Publication

Aug 26, 2025 - This guide has been developed to help organisational personnel in understanding the threat environment and the value of implementing secure keys and secrets management to make better informed decisions.

Australian Signals Directorate’s Cyber Security Partnership Program   Program page

The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Securing customer personal data   Guidance

Jul 23, 2025 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure   Advisory

Dec 10, 2025 - This joint Cybersecurity Advisory Advisory outlines the tactics, techniques and procedures used by pro-Russia hacktivist groups conducting unsophisticated attacks against US and global critical infrastructure, as well as recommended mitigations.

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations   Advisory

Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.

Report and recover from malware   Guidance

Nov 10, 2023 - If you’ve fallen victim to a malware attack, find out what to do and who to contact.

Small business cyber security guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyber threats.

The case for memory safe roadmaps   Publication

Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.

Planning for critical vulnerabilities: What the board of directors needs to know   Publication

Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.