Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Latest threat advice

Digital processing

Phishing - Large organisations

Jul 1, 2018 - Phishing is a method of stealing confidential information by sending fraudulent messages to a victim. It is one of the most prevalent scams reported in Australia. These messages can be sent via email, SMS, social media, instant messenger or phone call. They can look extremely sophisticated and convincing, replicating legitimate messages from reputable senders. . What is phishing? Phishing is a…
Distributed Denial of Service

Distributed Denial of Service

Jul 1, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice. . What is a distributed denial of service attack? A distributed denial of service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic. DDoS usually uses a network of…
Romance scams

Dating and romance scams

Jul 1, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice. The below is based primarily on the advice of the NSW Police. . What are dating and romance scams? Scammers often approach their victims on legitimate dating websites before attempting to move the 'relationship' away…
Data breach cyber attack

Data breaches

Jul 1, 2018 - Organisations collect and store a lot of personal details. You trust them with your address, credit card number, health records and more. Sometimes personal information is released to unauthorised people by accident, or as the result of a security breach. For example, an email with personal information can be sent to the wrong person, or a computer system can be hacked and personal information stolen. These are known as…
Unauthorised cryptomining

Unauthorised cryptomining

Jul 1, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice. . What is unauthorised cryptocurrency mining? Cryptocurrency mining (cryptomining) software uses a system's processing power to solve complex mathematical problems, in return for a type of digital currency. Unauthorised…
Cyber threats

Common threat types

Jul 1, 2018 - The cyber threat to Australian individuals and organisations is undeniable, unrelenting and continues to grow. You could be a target even if you don't think the information held on your networks is valuable, or that your business would be of interest to cyber adversaries. Many organisations are at risk purely because they are vulnerable through unpatched software or unaware staff members. Common threats impacting…
Automated alerts

Business email compromise

Jul 1, 2018 - Business email compromise (BEC) is an online scam where a cybercriminal impersonates a business representative to trick you, an employee, customer or vendor into transferring money or sensitive information to the scammer. To begin, a cybercriminal impersonates a trusted person using an email address that appears to be legitimate (this is known as "masquerading"). To do this, they may use a username that is almost…

New US Malware Report on state-sponsored actors

Jul 1, 2018 - The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have released a new report, covering technical details on the tools and infrastructure used by North Korean state-sponsored cyber actors. This is the latest in a series of Malware Analysis Reports (MAR) relating to activity by North Korea. The Australian Cyber Security Centre is sharing this information to enable network defenders…
VPN Filter Attack

Protect your devices against VPNFilter malware

May 25, 2018 - Australian users need to be aware of VPNFilter malware, which is known to affect networking equipment including Linksys, MikroTik, Netgear and TP-Link, as well as QNAP network-attached storage (NAS) devices. Once a malicious actor compromises a device using VPNFilter malware, they are able to collect network traffic (including website credentials) traversing the device. Importantly, the malware can also be used to…

Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors

Apr 17, 2018 - Russian state-sponsored actors are responsible for activity targeting Cisco devices using the Smart Install feature worldwide, including Australia. Cisco has published the actions needed to secure the Smart Install feature in, Action Required to Secure the Cisco IOS and IOS XE Smart Install Feature. The ACSC has previously released guidance on cyber adversaries targeting this feature to extract configuration files from…