Skip to main content

Cyber security

Web Conferencing Security

Apr 2, 2020 - Web conferencing solutions (also commonly referred to as online collaboration tools) often provide audio/video conferencing, real-time chat, desktop sharing and file transfer capabilities. As we increasingly use web conferencing to keep in touch while working from home, it is important to ensure that this is done securely without introducing unnecessary privacy, security and legal risks. This document provides guidance on both how to select a web conferencing solution and how to use it securely.

The Commonwealth Cyber Security Posture in 2019

Apr 9, 2020 - The Commonwealth Cyber Security Posture in 2019 report informs the Parliament of the status of the Commonwealth’s cyber security posture. Overall, the report found that Commonwealth entities continue to improve their cyber security, although additional work is required for Commonwealth entities to reach a mature and resilient cyber security posture that meets the evolving threat environment.
Warehouse - small business - man - landing

Protecting small business against cyber attacks during COVID-19

Apr 7, 2020 - The Australian Cyber Security Centre (ACSC) has published advice on how small businesses can better protect themselves from cyber attacks and disruptions during COVID-19. The Head of the ACSC, Ms Abigail Bradshaw CSC, said since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia and small businesses are far from immune.
COVID-19 advice

COVID-19: Protecting Your Small Business

Apr 6, 2020 - This guide has been developed to help small and micro businesses adapt to working during the COVID-19 pandemic. This document will help businesses with simple and actionable advice in order to both identify common and emerging cyber threats and develop resilient business practices to protect themselves.
Code on mobile and laptop

Australian Government Information Security Manual updated

Sep 4, 2019 - The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats. Updated monthly, the ISM is created primarily for Chief Information Security Officers and cyber security professionals to keep up-to-date with current cyber security risks and appropriate mitigation strategies.
Cyber resilience

Electricity program generates a buzz

Aug 29, 2019 - The Australian Cyber Security Centre (ACSC) has been actively working with energy sector organisations and government agencies to strengthen their resilience to cyber security threats. In November 2018, the ACSC commenced a nationwide program of cyber security resilience and response activities for Australia’s electricity industry.
stall holder

Largest survey to improve cyber security for Australia’s small businesses

Aug 28, 2019 - It takes a team effort to make Australia the safest place to connect online, and this is one of the reasons why the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is undertaking its largest-ever survey of small to medium-sized businesses in Australia.
Code on mobile and laptop

Cyber defences tested in the ACSC and Splunk BOTS Day

Jul 25, 2019 - The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.
acsc-asean-2019

ACSC-ASEAN Strengthening Regional Cyber Security

Jul 1, 2019 - An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
we want to hear from you. Cyber security survey for small business

ACSC Small Business Survey. Tell us about your cyber security challenges

Jun 17, 2019 - The ACSC Small Business Survey is being shared with a range of government and small business support groups around Australia, inviting members and stakeholders to participate. The survey is an opportunity to share the challenges small businesses face and to know what they’re worried about, so we can help businesses of all kinds manage risks and minimise harm.

What Executives Should Know About Cyber Security

Apr 30, 2019 - This publication discusses high-level topics that executives should know about cyber security within their organisations.
MSP Partner Program

Registration date extended to join our MSP3 program

Apr 17, 2019 - Head of the Australian Cyber Security Centre Alastair MacGibbon has issued an update for registered MSPs and those considering applying to join the Managed Service Provider Partner Program – MSP3. Registration has been extended through to 30 April 2019 and the due date for the return of the surveys is now 31 May 2019. For more information you can view the Program Update here.     
Google chrome logo

Google Chrome Security Update

Mar 8, 2019 - The Australian Cyber Security Centre (ACSC) advises Google Chrome users update their browser in order to patch a known vulnerability. Google has released Chrome version 72.0.3626.121 for Mac, Windows and Linux. The update addresses a vulnerability which allows a remote attacker to take control of an affected system. The ACSC recommends users apply the necessary updates to ensure their systems are best protected.
Parliament cyber security

ACSC detects malicious activity targeting political party networks

Feb 19, 2019 - During the course of the investigation into the recent compromise of the Australian Parliament House network, the ACSC has identified that networks of some political parties have also been affected by a cyber security incident. In speeches delivered to Parliament on Monday 18 February 2019, Prime Minister Scott Morrison and Opposition Leader Bill Shorten acknowledged the Australian security and intelligence community have detected malicious activity by a sophisticated state actor, on the networks of a number of Australian political parties including Liberal, Labor and The…
Scammer calling

Scammers claiming to be from ICT service desks targeting user multi-factor authentication

Feb 1, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a phone scam asking staff members of a critical infrastructure organisation to reveal their multifactor authentication credentials. The scammers seek to convince staff members to reveal their credentials by impersonating the service desk on a direct telephone call.
MSSP

Has the global MSP hack affected your business?

Jan 18, 2019 - The global hack of ICT managed service providers, or MSPs, has affected businesses across Australia and the world. MSPs manage IT services and infrastructure for businesses of all sizes, and access their customers’ systems remotely, making them attractive targets for state actors and cybercriminals. If you use the services of an MSP, the global hack means your business may have been compromised, leaving your intellectual property and customer data, among other critical information, vulnerable.

Facebook warns 6.8 million users about photo bug

Dec 14, 2018 - Up to 6.8 million people who uploaded their photos to Facebook may have shared more than they intended to because of an application program interface (API) bug. 'Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers,' Facebook said in a statement. Facebook said the bug gave third-party app developers too much access to people's uploaded photos between 13-25 September 2018.
Flash player logo

Adobe urges users to patch Flash Player

Dec 6, 2018 - Adobe has released security updates for its widely used Flash Player app to help users defend themselves against the latest malware. Users who fail to update their Flash Player app could be vulnerable to cyber criminals, who could use it as an opportunity to access data, programs, individual computers or networks.

Inspiring a new generation

Dec 4, 2018 - Australia's best young cyber stars have been recognised in the Cyber Security Challenge Australia (CySCA), the nation's flagship hacking competition for tertiary students. The Australian Signals Directorate (ASD) and industry partners run the challenge to address the critical cyber security skills shortage by encouraging young Australians to pursue a career in the field. The latest research reveals the domestic cyber security industry must employ over 45,000 additional workers over the next decade to build a cyber security sector that advances Australia’s cyber resilience.

Marriott, Starwood hit by security incident

Dec 1, 2018 - The Marriott Group have released a statement regarding a significant data security incident involving their Starwood Guest Reservation database. An investigation undertaken by Marriott in September 2018 determined that there had been unauthorised access to the database, which contained guest information relating to reservations at Starwood properties since 2014.
Feature - APRA

We all have a stake in cyber security

Nov 12, 2018 - Australia’s banks, insurers and superannuation funds are an attractive target for cyber criminals, so all financial institutions must be able to handle cyber risks and regularly test their own defences. To help businesses and organisations better protect themselves, and respond quickly and effectively if a cyber attack occurs, a new standard for information security management has been released by the Australian Prudential Regulation Authority (APRA). The new Prudential Standard CPS 234 Information Security is intended to shore up APRA-regulated entities’ resilience against…
Feature - Women in Cyber

Women in security, "You can't be what you can't see"

Nov 1, 2018 - 'A masterclass in national security' is how many participants have described the Women in National Security Conference hosted by the Australian National University's (ANU) National Security College (NSC) in Canberra last week. Secretary of the Department of Foreign Affairs and Trade, Frances Adamson, said the work of women is essential for successful outcomes in a broad range of fields -- crisis management, international legal practice, intelligence analysis, peacekeeping and diplomacy.

What's up with WhatsApp?

Oct 24, 2018 - Popular messaging app WhatsApp has more than a billion users, including 6 million Australians, which makes it a popular hunting ground for cyber criminals and misinformation merchants alike. As a result, the company, which is owned by social media platform Facebook, is testing new limits on the number of people to whom private WhatsApp messages can be forwarded in Brazil, after recent political controversy there about misinformation, and to maintain what the organisation describes as a 'feeling of intimacy' for its users. WhatsApp is primarily an end-to-end encrypted…

UK NCSC releases second Annual Review

Oct 15, 2018 - On its second anniversary, the United Kingdom's National Cyber Security Centre (NCSC), has published its second Annual Review, highlighting the sustained threat to the UK from hostile state actors and cyber criminals. The report, released on Tuesday 16 October 2018, revealed the NCSC had defended the UK from an average of more than 10 attacks per week.

A curious mind - CYSCA 2018

Oct 11, 2018 - Australia's flagship national cyber security challenge wrapped up in Melbourne yesterday after a record number of Australian tertiary students battled to reverse real-world cyber threats around Australia. Defending champion the University of New South Wales was victorious again, taking first and second place, with Monash University coming third. For the first time ever, eight teams competed live in Melbourne including two women's teams from RMIT and the Box Hill Institute.
Stay Smart Online Week 2018 in Melbourne

Reversing the threat of cyber crime together

Oct 9, 2018 - In a show of strength to reverse the threat of cybercrime for all Australians, members of the business, government and cyber security community gathered for national Stay Smart Online Week 2018 in Melbourne today to share information about the latest challenges in cyber security in Australia and confirm their commitment to supporting a cyber-aware community. Hosted by ANZ the Stay Smart Online Week Industry Breakfast included a message from Alastair MacGibbon, Head of the Australian Cyber Security Centre (ACSC), who said raising awareness of the importance of cyber security to…

Stay Smart Online. Reverse the Threat

Oct 8, 2018 - Each year the number of Australians impacted by cybercriminals continues to rise. In 2017, over 6 million adult Australians were impacted by cybercrime - that's one in every four Australians. This is a statistic that needs to be reversed. At a time when the majority of us are online to conduct our day-to-day activities, cybercriminals are looking for gaps in our online accounts, in an attempt to exploit our busy lives and steal our money or personal information. 
Canadian Centre for Cyber Security

Canadian Centre for Cyber Security launches

Oct 3, 2018 - This week the Canadian Centre for Cyber Security (CCCS) officially began operations. The new Centre will support a unified approach to cyber security and build community awareness and education. It will provide expert advice, guidance, services and support on cyber security for Canadian businesses, industry, governments, citizens, and international partners. The Centre is made up of elements of existing government agencies including Public Safety Canada, Shared Services Canada and the Communications Security Establishment.
Feature - Senior Australians

Working to protect senior Australians

Sep 21, 2018 - Supporting and protecting senior members of our community from online threats is an important focus for the Australian Government, according to the Minister for Home Affairs, Peter Dutton. ‘We want to say to all Australians, particularly older Australians – as they use internet banking, as they converse online, as they use social media, as they answer their emails – we want people to think twice before they provide any details online,’ Minister Dutton told the House of Representatives this week.
Netflix logo

Netflix warns users about malicious emails

Sep 17, 2018 - Always question unexpected requests for your personal or financial information, and keep your passwords safe. Netflix warned subscribers at the weekend about a malicious email campaign that entices users to follow a 'link' to update bank details, but which instead gives cyber criminals access to your bank account. If you suspect you have received a fraudulent email or text message that appears to be from the company, Netflix advises that you follow these tips to keep your information safe and secure:

US urges cyber vigilance after Hurricane Florence

Sep 17, 2018 - Fraudsters often try to exploit our willingness to help those in need, as Australians have experienced in the aftermath of devastating cyclones. The National Cybersecurity and Communications Integration Centre (NCCIC) in the United States has warned users and administrators to be vigilant for malicious cyber activity in the aftermath of Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites.
Pacific Cyber Security Operational Network

Strengthening cyber security across the Pacific

Sep 13, 2018 - As the digital economy expands across the Pacific, cyber criminals are extending their reach into the lives of our neighbours. Amid this more complex cyber ecosystem, a broader concept of security that includes cyber security has been affirmed by the Forty-Ninth Pacific Islands Forum in Nauru. "Tackling cybercrime needs the close involvement of governments and businesses, and we're working hard to strengthen cyber security together" said Alastair MacGibbon, Head of the Australian Cyber Security Centre (ACSC). "It's important that there aren’t any safe havens"

Don't abandon your domain to cyber criminals

Sep 11, 2018 - Losing control of your email service is devastating, even if your company has merged or shut down. A domain name is a core foundation of every business and email is an essential service. Allowing corporate domain names to expire puts businesses at risk, potentially exposing clients’ personal and confidential information, client-legal privileged information and financial details.

Five Eyes on the cyber beat

Aug 31, 2018 - Australia, Canada, New Zealand, the United Kingdom and the United States have reaffirmed a collective resolve to protect us from cyber criminals. Home Affairs, Homeland Security, Public Safety and Immigration Ministers from the Five Eyes countries met on the Gold Coast this week to discuss how to better collaborate to meet common security challenges.

Ransomware continues to target Australians

Jul 1, 2018 - The Australian Cyber Security Centre (ACSC) is asking Australians to remain vigilant of ransomware and the damage it can cause. The Centre is urging all Australians, including businesses owners and operators to patch their systems. "Ransomware continues to be one of the greatest cyber security threats to us all. And due to its non-discriminatory nature, if your network is unprotected you may fall victim" said head of the Australian Cyber Security Centre Alastair MacGibbon.