Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Cyber Security Centre (ACSC) in May 2018. The information is designed for use by technical cyber security officers within Australian infrastructure organisations, large businesses and government agencies. This report includes indicators for web hosting providers and their customers to determine if they are victims of the campaign, which uses simple techniques and poses a risk for such organisations.
Dec 21, 2018 - The ACSC investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider. The compromise reflects those detailed in a 2017 public report ‘Operation Cloud Hopper’, which outlines APT10’s targeting of MSPs to leverage existing relationships with their customers and gain access to their customer networks.
Oct 12, 2018 - A report by international cyber security authorities highlights the use of five publicly available hacking tools and techniques, observed in recent cyber incidents around the world. The report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the UK and USA.
Jul 1, 2018 - Prior to July 2017, the Australian Internet Security Initiative (AISI) was administered by the Australian Communications and Media Authority (ACMA), which undertook research in relation to the value and role of the program. The research consisted of 24 interviews with ISPs and universities and found many of the internet providers interviewed relied solely on the AISI malware reports for information about malware infections. Internet providers usually notified their customers of their malware infection by email. More than half of the providers interviewed also provided step-by…
Oct 15, 2017 - This is the third Australian Cyber Security Centre (ACSC) Threat Report. It continues to reflect the experience, focus, and mandates of the ACSC’s member organisations. This report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained. For the first time, this year’s Threat Report also includes insights into how the ACSC works and highlights some of the ways in which we have both proactively and reactively responded to cyber threats.
Apr 15, 2017 - This is the first Australian Cyber Security Centre (ACSC) Cyber Security Survey to look across both the government and private sectors in combination. It provides an overview of how prepared Australian organisations are to meet the growing cyber threat.
Oct 15, 2016 - This is the second Australian Cyber Security Centre (ACSC) Threat Report. It continues to reflect the experience, focus, and mandates of the ACSC’s member organisations. This report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained. But we at the ACSC are not just focused on the problem. Importantly, this document also contains mitigation and remediation advice to assist organisations to prevent, and respond to, cyber threats.
Dec 15, 2015 - The 2015 Australian Cyber Security Centre (ACSC) Cyber Security Survey of major Australian businesses was conducted to obtain a better picture of Australian organisations’ understanding of cyber threats and how they are positioned to secure their networks. Download:
Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.