Search

COVID-19 malicious cyber activity   Alert

May 22, 2020 - Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

COVID-19 themed malicious cyber activity   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Australian Information Security Evaluation Program (AISEP)   Program page

Mar 5, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).

Strategies to mitigate cybersecurity incidents: Mitigation details   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help cybersecurity professionals in all organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Secure your Microsoft Windows device   Guidance

Nov 29, 2024 - Your Microsoft Windows device often holds your most important data. Use these simple steps to protect your device from cyberattacks.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.

Fast Flux: A national security threat   Advisory

Apr 4, 2025 - This advisory is for network defenders and explains how Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection. It highlights the importance of using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux.

Guidelines for gateways   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on gateways.

Accessibility  

Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.

Antivirus software   Guidance

Apr 11, 2023 - The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.

Quishing   Threat

Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.

Small business cybersecurity guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyberthreats.

Email scammers impersonating the ASD's ACSC   Alert

Feb 3, 2025 - Email scammers are impersonating the ASD's ACSC sending out phishing emails to the public with the email content suggesting to download a malicious antivirus program.

Spotting scams   Guidance

Learn how to identify phishing messages to stay safe and protect your personal information.

If things go wrong   Guidance

If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.

Small Business Google Chromebook and ChromeOS Security Guide   Guidance

Nov 12, 2024 - This publication was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) with technical input from Chrome Engineering.

Domain Name System security for domain resolvers   Publication

Oct 6, 2021 - This publication explores DNS security for recursive resolution servers. It also shares helpful strategies to reduce the risk of DNS resolver subversion or compromise.

Secure your mobile phone   Guidance

Nov 12, 2024 - The security of your mobile phone can be as crucial as your computer. Follow these steps to protect your phone or tablet from cybercriminals.

COVID-19 Malicious Scams - Threat Awareness and Guidance   Advisory

Mar 27, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.

ASD’s role in cybersecurity: For legal practitioners   Guidance

Dec 11, 2024 - During a cybersecurity incident, or suspected cybersecurity incident, our goal is to work with impacted organisations, their legal representation, and any external vendors engaged to investigate an incident on behalf of the organisation.

Defending against the malicious use of the Tor network   Publication

Oct 6, 2021 - The Tor network is a system that conceals a user’s IP address. It allows anonymous – and often malicious – communication. This guidance shares advice on how to detect and prevent traffic from the Tor network.

Guidelines for evaluated products   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on evaluated products.

Cybersecurity Research Report   Reports and statistics

Dec 15, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) commissioned exploratory research to better understand audience awareness of cybersecurity threats and practices.

Security tips for online gaming   Guidance

Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.

Report a cyber security incident   Service

If you are reporting fraud or cybercrime, please refer to the ReportCyber – Cybercrime page.

Ransomware Playbook   Guidance

Oct 10, 2024 - This interactive guide is here to assist you with taking all of the appropriate steps to prepare for, respond to and recover from a ransomware incident.

Privacy Awareness Week 2023   News

Apr 28, 2023 - The Australian Cyber Security Centre (ACSC) is supporting with the Office of the Australian Information Commissioner (OAIC) to support Privacy Awareness Week.

Meltdown and Spectre patches unsuitable for some security products   Advisory

Jan 11, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of reporting that a variety of security products (e.g. antivirus solutions) are incompatible with Microsoft's patches for the Meltdown and Spectre vulnerabilities.

Passphrases  

Protect your accounts from cybercriminals with a secure password or passphrase.

Gateway security guidance package: Gateway technology guides   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the Gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.