Search

Scammers impersonating police to target victims for cryptocurrency/seed wallet theft   Alert

Nov 13, 2025 - The ASD’s ACSC is aware that criminals are using Australia’s national cybercrime reporting channel and impersonating police to try to scam Australians out of funds from their cryptocurrency or seed wallets.

Strategies to mitigate cybersecurity incidents   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.

Using Content Credentials to help mitigate cyber threats associated with generative AI   News

Jan 30, 2025 - With advanced AI tools, digital media can be created or modified convincingly with minimal effort and cost. Learn more about media provenance solutions to help end users verify the integrity of your organisation’s content.

Secure your website   Guidance

Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.

Business Continuity in a Box   News

Nov 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), in collaboration with the US Cybersecurity and Infrastructure Security Agency (CISA), has published a new tool, Business Continuity in a Box, to help businesses continue basic operations during or after a cyber incident.

Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity   Advisory

Sep 2, 2020 - The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.

Understand and invest in modern defensible architecture now   News

Oct 23, 2025 - We have released a new publication series in collaboration with our international partners on modern defensible architecture, providing organisations with a clear framework to begin investment and implementation.

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Supporting Australian organisations through a cyber security incident   Guidance

Oct 23, 2025 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cyber security incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek technical incident response advice and assistance.

Annual Cyber Threat Report 2024-2025   Reports and statistics

Oct 14, 2025 - ASD’s Annual Cyber Threat Report 2024–25 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

Implementing certificates, TLS, HTTPS and opportunistic TLS   Publication

Oct 6, 2021 - Transport Layer Security (TLS) is a widely used encryption protocol which enables parties to communicate securely over the internet. Through the use of certificates and Public Key Infrastructure (PKI), parties can identify each other through a trusted intermediary and establish encrypted tunnels for the secure transfer of information.

Secure by Demand   Publication

Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.

Take action this Cyber Security Awareness Month   News

Oct 1, 2025 - Don’t get caught missing in action this Cyber Security Awareness Month.

Risk management of enterprise mobility (including Bring Your Own Device)   Publication

Oct 6, 2021 - This publication has been developed to provide senior business representatives with a list of enterprise mobility considerations. These include business cases, regulatory obligations and legislation, available budget and personnel resources, and risk tolerance. Additionally, risk management controls are provided for cybersecurity practitioners.

Creating and maintaining a definitive view of your operational technology architecture   Publication

Oct 28, 2025 - How organisations who deploy or operate operational technology systems should build, maintain and store their systems understanding.

Report and recover from identity theft   Guidance

Nov 14, 2024 - Know where to make a report and get help if someone has stolen your personal or business identity.

Report and recover from scams   Guidance

Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.

Watch out for threats  

Nov 2, 2022 - Know what to look for to stay in control of your devices and applications.