As the new year is here and we’re all returning to the office, it’s an excellent chance to look back at 2020 and how the cyber threats evolved over that year.
The explosion in work-from-home arrangements and online-only services has massively increased the reliance on online services and expanded the attack surface.
The Australian Government body responsible for providing cyber security advice to businesses and individuals is the Australian Cyber Security Centre (ACSC), based within Australia’s national security agency. The ACSC publishes advice and receives cybercrime reports, and provides related services.
Annual Cyber Threat Report
According to the latest ACSC threat report, between July 1, 2019 and June 30, 2020:
- ACSC responded to 2,266 cybersecurity incidents
- ACSC received 59,806 cybercrime reports – averaging 164 cybercrime reports per day, or one report every 10 minutes
- Phishing and spear-phishing remain the most common methods used by cyber adversaries to gain access
- Ransomware has become one of the most significant threats given the potential impact on operations
- Recovering from ransomware is almost impossible without comprehensive backups
- Most common reported cyber crime categories were fraud and identity crime
- Likelihood and severity of cyber-attacks is increasing due to our growing dependence on new information technology platforms and interconnected devices and systems.
ACSC provides excellent advice on cyber security to individuals and businesses – I’ve included links to select ACSC resources are at the end of this article.
Improving Cybersecurity in 2021
The post-2020 world is going to be even more reliant on online services, and hence even more exposed to cyber threats.
If you would like to improve your personal cyber security then I highly recommend visiting the ACSC website and having a look at the advice provided. If you know someone who works in the field then don’t hesitate to reach out to them for advice – most cybersecurity professionals I’ve met are happy to help protect their friends and family from cyber threats.
If you run a business then ACSC also provides actionable advice. For a business, the “always online, always connected” requirements mean additional demands on your IT and security resources.
The ACSC advice for SME is extensive and should be consulted, however, a short summary is:
- Be cautious of email and other messages asking you to action
- Have regular backups
- Keep all software updated (and only use software that is still receiving updates)
- Implement internal processes and cybersecurity training
Lastly, I’d like to share with you this quote from the Australian Minister for Defense:
“I urge all Australians to go online and visit cyber.gov.au for tips on how to act now and stay secure. Even small steps can make a big difference.”
Selected useful ACSC resources for individuals and businesses:
- The ACSC website is here: https://www.cyber.gov.au/
- The ACSC cyber security campaign Ransomware page is here: https://www.cyber.gov.au/ransomware
- You can report cybercrime to ACSC here: https://www.cyber.gov.au/acsc/report
- ACSC for individuals and families: https://www.cyber.gov.au/acsc/individuals-and-families
- ACSC for businesses (small and medium): https://www.cyber.gov.au/acsc/small-and-medium-businesses
- ACSC for large businesses: https://www.cyber.gov.au/acsc/large-organisations-and-infrastructure
- ACSC 2019-2020 Threat Report is here: https://www.cyber.gov.au/sites/default/files/2020-09/ACSC-Annual-Cyber-Threat-Report-2019-20.pdf