Australia’s Critical Infrastructure Is Under Constant Attack

A cyber attack is being reported in Australia every 7.8 minutes as sophisticated hackers, including foreign governments, target the nation’s critical infrastructure and essential services such as hospitals, food distribution and electricity systems. 

Australia has reported a 13% jump in cyber crime in the past year, with about one incident in four targeting critical infrastructure and services as working from home during the pandemic made more people vulnerable to online attacks. 

The Australian Cyber Security Centre (ACSC) says that malicious actors have pivoted to exploit the those working from home and targeting vulnerable people and health services to conduct espionage, and steal money and sensitive data. The wave of hacks last financial year included a significant ransomware attack against a Victorian public health service in March, which affected four hospitals and aged care homes and resulted in the postponement of elective surgeries.

These incidents have “underscored the vulnerability of critical infrastructure to significant disruption in essential services, lost revenue and the potential of harm or loss of life”.

The ACSC, which is part of the Australian Signals Directorate spy agency, received more than 67,500 reports of cyber crime of all types in 2020-21, or one every eight minute compared with one every 10 minutes the previous year  The ACSC also report  ransomware attacks disclosed to the ACSC increased 15% in the 2020-21 financial year, when compared with the previous financial year. The report found cyber criminals exploited the Coronavirus situation in Australia, with more than 18,000 cybercrimes related to the pandemic.

The ACSC report, which covers the period from July 2020 to June 2021, says businesses, individuals and other entities had incurred more than $33bn in total losses from cyber crime throughout the year.

Cyber criminals sought to exploit the pandemic by encouraging recipients to enter personal credentials to access Covid-related information or services, while unnamed foreign governments targeted the health sector seeking “access to intellectual property or sensitive information about Australia’s response to Covid”.

The ACSC responded to about 1,630 cybersecurity incidents in 2020-21, or an average of 31 cybersecurity incidents a week.
“Approximately one quarter of reported cybersecurity incidents affected critical infrastructure organisations, including essential services such as education, health, communications, electricity, water and transport,” the report says. A breakdown of the severity of cyber incidents in 2020-21 shows there were 14 cases in which federal government entities or nationally significant infrastructure suffered the removal or damage of sensitive data or intellectual property.

The Australian government has been growing increasingly concerned about the threat of “grey zone” attacks from countries such as China and Russia. The “grey zone” refers to a growing area of political warfare that falls somewhere between war and peace and includes cyber attacks, disinformation campaigns, intellectual property theft, coercion and propaganda.

ACSC:     Reuters:    7News:    Bloomberg:    SMH:      The Age:     Guardian

You Might Also Read: 

Australia To Spend Another A$1billion On Cyber Security:

 

« Industrial Companies At Risk As Attacks Double
Everything You Need To Know About Business Password Safety »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Axial

Axial

Axial Systems is one of the UK’s leading solution providers and systems integrators in network, security and services.

CERT Polska

CERT Polska

CERT Polska is the first Polish computer emergency response team and operates within the structures of NASK (Research and Academic Computer Network) research institute.

Applause

Applause

Applause provides real-world software testing for functionality, usability, accessibility, load, localization and security.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Hornetsecurity

Hornetsecurity

Hornetsecurity offers managed cloud security solutions like Email archiving, Email encryption, Email spam filter, web filter and cloud storage.

Viscount Systems

Viscount Systems

Viscount Systems is a global security software solutions company that is changing the way access control is deployed and managed in the enterprise.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

Cybersecurity Manufacturing Innovation Institute (CyManII)

Cybersecurity Manufacturing Innovation Institute (CyManII)

CyManII was established to create economically viable, pervasive, and inconspicuous cybersecurity in American manufacturing to secure the digital supply chain and energy automation.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.

Deepwatch

Deepwatch

deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry.

Quantinuum

Quantinuum

Quantinuum is the combination of Cambridge Quantum with Honeywell Quantum Solutions, structured to drive the future of quantum computing.

Technology Innovation & Startup Centre (TISC)

Technology Innovation & Startup Centre (TISC)

TISC is a startup incubator at the Indian Institute of Technology Jodhpur (IITJ) and we back deep-tech startups.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.