A survey conducted by the Australian Cyber Security Centre among organisations that are currently partners of the ACSC and its member agencies has revealed that the majority suffered security breaches in 2015-16.
Fifty eight per cent of the participating organisations “experienced at least one incident that successfully compromised data and/or systems,” the new ACSC report states.
The ACSC brings together the Australian Signals Directorate (ASD), the Defence Intelligence Organisation (DIO), the Australian Security Intelligence Organisation (ASIO), Computer Emergency Response Team (CERT) Australia, the Australian Criminal Intelligence Commission (ACIC), and the Australian Federal Police (AFP).
The new ACSC report notes that although the survey involved a “modest” sample of 113 organisations — 68 private sector and 45 government organisations — “the sample reflects some of Australia’s most significant systems of national interest.”
Ninety per cent of the organisations experienced attempts to breach their security, with phishing and social engineering being the most common form of attack (reported by 84 per cent of organisations). Malware was the second-most popular attack vector (68 per cent); denial of service attacks accounted for 23 per cent of attacks.
“Findings suggest that the current level of cyber threat activity is disruptive for organisations regardless of whether an attempt to compromise a network is successful or not,” the report states.
Although the report claims there was a “high level of resilience” among survey participants, it notes that more than half of the organisations “said they tend to be alerted to possible breaches by external parties before they detect it themselves.”
“Given that only 2% of organisations reported having completely outsourced IT functions, these figures suggest organisations are not adequately focusing on monitoring networks and detecting potentially malicious activity,” the report adds.
The ACSC’s second annual threat report, released in October, said that between July 2015 and June 2016, CERT Australia had responded to 14,804 cyber security incidents affecting Australian businesses. Of those incidents, 418 involved “systems of national interest” and critical infrastructure.
Between 1 January 2015 and 30 June 2016, the Australian Signals Directorate (ASD) responded to 1095 cyber security incidents involving government systems that were considered serious enough to warrant operational responses, the report revealed. The 2016 Threat Report included details on the compromise of Bureau of Meteorology IT systems.|
The ACSC earlier this month issued a warning to Australian enterprises that they may be exposed to security threats through their relationships with managed service providers.
The full results of the ACSC survey are available online (PDF).