You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 181 - 210 of 402 results.
Guidelines for cybersecurity documentation Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.
AI Data Security Publication
May 23, 2025 - This publication provides essential data security guidance for organisations that develop and/or use AI systems, including businesses, government and critical infrastructure. It highlights the importance of data security in ensuring the accuracy and integrity of AI outcomes, and presents an in-depth examination of 3 areas of data security risks in AI systems: data supply chain, maliciously modified (poisoned) data, and data drift.
Security considerations for edge devices Publication
Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.
Secure by Demand Publication
Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.
Cybersecurity terminology Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.
Exploitation of existing Fortinet Vulnerabilities Alert
Apr 11, 2025 - Fortinet has released information regarding exploitation of previously known vulnerabilities affecting Fortinet devices. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s advisory page.
Multiple vulnerabilities present in the Spring Framework for Java Alert
Apr 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.
Archived reports and statistics
Feb 13, 2025 - Search archived report and statistics
The Commonwealth Cyber Security Posture in 2024 Reports and statistics
Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.
Choosing secure and verifiable technologies Publication
Dec 5, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.
Identifying and Mitigating Living Off the Land Techniques Advisory
Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.
2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0 Advisory
Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.
Mitigation strategies for edge devices: Practitioner guidance Publication
Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.
Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era Publication
Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.
2023-01: ASD's ACSC Ransomware Profile - Royal Advisory
Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.
Fundamentals of Cross Domain Solutions Publication
Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.
Enhanced visibility and hardening guidance for communications infrastructure Advisory
Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.
2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0 Advisory
Aug 5, 2021 - The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.
Patching applications and operating systems Publication
Nov 27, 2023 - Applying patches to applications and operating systems is critical to keeping systems secure. Patching forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents.
Secure by Design foundations Publication
Jul 30, 2024 - ASD’s ACSC's Secure by Design foundations represent a first step in a new approach to assist technology manufacturers and customers to adopt Secure by Design. While the foundations are primarily designed to foster discussion within technology manufacturers on how to best approach Secure by Design, they contain relevant information and actions for technology customers.
Cyber resources for small businesses News
Feb 11, 2022 - Last December, the Council of Small Business Organisations Australia (COSBOA) co-hosted an Act Now, Stay Secure breakfast at the National Portrait Gallery, along with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the Department of Home Affairs.
Gateway security guidance package: Gateway operations and management Publication
Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
Cybersecurity Best Practices for Smart Cities Publication
Apr 20, 2023 - This guidance is the result of a collaborative effort from the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).
Mitigation strategies for edge devices: Executive guidance Publication
Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.
Australian Signals Directorate’s Cyber Security Partnership Program Program page
The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
PRC State-Sponsored Cyber Activity Advisory
Mar 20, 2024 - This fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as "Volt Typhoon."
Malicious insiders Threat
Jun 23, 2020 - Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems. It does not include well-meaning staff who accidentally put your cyber security at risk or spill data.
Supporting Australian organisations through a cybersecurity incident Guidance
Dec 18, 2024 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cybersecurity incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek technical incident response advice and assistance.
Secure your website Guidance
Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
Deploying AI Systems Securely Publication
Apr 16, 2024 - AI security is a rapidly evolving area of research. As agencies, industry, and academia discover potential weaknesses in AI technology and techniques to exploit them, organizations will need to update their AI systems to address the changing risks, in addition to applying traditional IT best practices to AI systems.
