Australia’s Critical Infrastructure Is Under Constant Attack

A cyber attack is being reported in Australia every 7.8 minutes as sophisticated hackers, including foreign governments, target the nation’s critical infrastructure and essential services such as hospitals, food distribution and electricity systems. 

Australia has reported a 13% jump in cyber crime in the past year, with about one incident in four targeting critical infrastructure and services as working from home during the pandemic made more people vulnerable to online attacks. 

The Australian Cyber Security Centre (ACSC) says that malicious actors have pivoted to exploit the those working from home and targeting vulnerable people and health services to conduct espionage, and steal money and sensitive data. The wave of hacks last financial year included a significant ransomware attack against a Victorian public health service in March, which affected four hospitals and aged care homes and resulted in the postponement of elective surgeries.

These incidents have “underscored the vulnerability of critical infrastructure to significant disruption in essential services, lost revenue and the potential of harm or loss of life”.

The ACSC, which is part of the Australian Signals Directorate spy agency, received more than 67,500 reports of cyber crime of all types in 2020-21, or one every eight minute compared with one every 10 minutes the previous year  The ACSC also report  ransomware attacks disclosed to the ACSC increased 15% in the 2020-21 financial year, when compared with the previous financial year. The report found cyber criminals exploited the Coronavirus situation in Australia, with more than 18,000 cybercrimes related to the pandemic.

The ACSC report, which covers the period from July 2020 to June 2021, says businesses, individuals and other entities had incurred more than $33bn in total losses from cyber crime throughout the year.

Cyber criminals sought to exploit the pandemic by encouraging recipients to enter personal credentials to access Covid-related information or services, while unnamed foreign governments targeted the health sector seeking “access to intellectual property or sensitive information about Australia’s response to Covid”.

The ACSC responded to about 1,630 cybersecurity incidents in 2020-21, or an average of 31 cybersecurity incidents a week.
“Approximately one quarter of reported cybersecurity incidents affected critical infrastructure organisations, including essential services such as education, health, communications, electricity, water and transport,” the report says. A breakdown of the severity of cyber incidents in 2020-21 shows there were 14 cases in which federal government entities or nationally significant infrastructure suffered the removal or damage of sensitive data or intellectual property.

The Australian government has been growing increasingly concerned about the threat of “grey zone” attacks from countries such as China and Russia. The “grey zone” refers to a growing area of political warfare that falls somewhere between war and peace and includes cyber attacks, disinformation campaigns, intellectual property theft, coercion and propaganda.

ACSC:     Reuters:    7News:    Bloomberg:    SMH:      The Age:     Guardian

You Might Also Read: 

Australia To Spend Another A$1billion On Cyber Security:

 

« Industrial Companies At Risk As Attacks Double
Everything You Need To Know About Business Password Safety »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

CodeSealer

CodeSealer

CodeSealer provide invisible end-to-end user interface protection with a unique web security solution to eliminate Man-in-the-Middle and Man-in-the-Browser vulnerabilties.

Aujas Cybersecurity

Aujas Cybersecurity

Aujas has deep expertise and capabilities in Identity and Access Management, Risk Advisory, Security Verification, Security Engineering, & Managed Detection and Response services.

Healthcare Fraud Shield (HCFS)

Healthcare Fraud Shield (HCFS)

The focus of Healthcare Fraud Shield is solely on healthcare fraud prevention and payment integrity with a successful approach based on many unique advantages we deliver to our clients.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

Hubify

Hubify

Hubify is an experienced, service-driven technology company specialising in business connectivity across mobile, data, voice, cloud, & cyber security solutions.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Radix Technologies

Radix Technologies

Radix offer end-to-end device management solutions, consolidating all the organization devices, processes and stakeholders into one easy-to-use management platform.

EkoCyber

EkoCyber

EkoCyber partner with businesses as a value-added MSSP to provide top-tier, trusted and transparent cyber security services at an affordable price point.

Neya Systems

Neya Systems

Neya Systems, a leader in advanced off-road autonomy and high-level multi-robot mission planning, provides innovative solutions for uncrewed ground, aerial, and surface vehicles.

AuthenticID

AuthenticID

Our mission at AuthenticID is to combat fraud worldwide and help businesses protect their enterprise and valuable data assets.