Search

Internet of Things devices   Guidance

Apr 11, 2023 - IoT devices can include smart televisions, security cameras and fridges. Learn how to buy and use IoT devices securely.

Social media terms of use  

May 7, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

Set secure passphrases  

Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence. 

Launch of the Annual Threat Report   News

Nov 4, 2022 - The Annual Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.

Security tips for social media and messaging apps   Publication

Jul 14, 2022 - It's a great way to stay in touch and share content online. This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.

Report and recover from hacking   Guidance

Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.

Engaging with artificial intelligence   Publication

Jan 24, 2024 - The purpose of this paper is to provide organisations with guidance on how to use artificial intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cybersecurity mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.

Cryptomining   Threat

Jun 23, 2020 - Cryptocurrency mining (cryptomining) uses the processing power of computers to solve complex mathematical problems and verify cybercurrency transactions. The miners are then rewarded with a small amount of cybercurrency.

User education  

Apr 11, 2023 - This page lists publications on cybersecurity that relate to the behaviour of people and virtual communities of people.

Cybersecurity terminology   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.

Protecting against business email compromise   Publication

Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.

Report and recover from business email compromise   Guidance

Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.

Quishing   Threat

Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations   Advisory

Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.

Australian Signals Directorate’s Cyber Security Partnership Program   Program page

The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Business resources  

Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.

Report and recover from malware   Guidance

Nov 10, 2023 - If you’ve fallen victim to a malware attack, find out what to do and who to contact.

Small business cybersecurity guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyberthreats.

The Case for Memory Safe Roadmaps   Publication

Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.

Planning for critical vulnerabilities: What the board of directors needs to know   Publication

Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.

Securing customer personal data   Guidance

Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Cybersecurity for charities and not-for-profits   Guidance

Mar 12, 2024 - How to avoid common cyberthreats and protect your mission .

Secure your Wi-Fi and router   Guidance

Oct 29, 2024 - How to make your software, devices and networks harder to access and more resilient to attack.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

Archived reports and statistics  

Feb 13, 2025 - Search archived report and statistics

Secure your NAS device   Guidance

Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

2021 Top Malware Strains   Advisory

Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).

Guidelines for procurement and outsourcing   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on procurement and outsourcing activities.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.