Tag: ACSC

1
Under attack: Lion suffers second cyberattack and the Federal Government warns of an active cyberattack on Australian organisations
2
A phishing pandemic (and offensive): Part III
3
Australian organisations hit by thousands of significant cyber incidents
4
Australian Cyber Security Centre (ACSC) 2015 Threat Report

Under attack: Lion suffers second cyberattack and the Federal Government warns of an active cyberattack on Australian organisations

By Cameron Abbott, Keely O’Dowd and Rebecca Gill

News reports have revealed that Lion Beer Australia has suffered a second cyberattack within a week of falling victim to a ransomware attack. While Lion continues to recover from the first cyberattack, it must now investigate, respond and recover from this second attack.

Today, Lion announced it had received reports of Lion document lists posted online in recent days. It is continuing to investigate if any data has been removed from its system. Lion has also advised relevant authorities and regulators of the first incident.

Read More

A phishing pandemic (and offensive): Part III

By Cameron Abbott, Rob Pulham, Michelle Aggromito and Rebecca Gill

As noted in part I of this blog, various reports have highlighted the significant increase in phishing scams in light of the global COVID-19 pandemic. In particular, there has been an increase in coronavirus-related emails and SMS messages that are embedded with malicious links or documents, created for the purposes of stealing personal information (among other things), usually for financial gain. In order to stop the spread (pardon the pun) of such virus-inspired phishing scams, the Australian Signals Directorate (ASD) has confirmed that it has launched an offensive against malicious attackers located offshore.

Read More

Australian organisations hit by thousands of significant cyber incidents

By Cameron Abbott and Rebecca Murray

The Australian Cyber Security Centre’s (ACSC) 2016 Threat Report has revealed that Australian businesses and government have been subject to more than 15,000 significant incidents that they know of. Read the report here. They were the first to admit that given reporting is optional they cannot really determine the full impact.

Due to the current reporting regime, the ACSC has had to rely on data from callouts to CERT Australia (the national first responder to cyber incidents) to assess the extent of the problem in the private sector. CERT Australia responded to 14,804 incidents from the private sector from June 2015 to June 2016. Of those callouts, 418 involved systems of national interest and critical infrastructure. The banking, finance, energy and communications sectors were the most heavily targeted.

While the Government has introduced a bill to mandate serious data breach notification that is set to be passed in the near future (find out more about the bill here), until then, we will continue to go mostly unaware of damaging malicious cyber activity launched against Australian organisations because the private sector largely refuses report these incidents.

Australian Cyber Security Centre (ACSC) 2015 Threat Report

By Cameron Abbott and Melanie Long

On 29 July 2015, ACSC released its first unclassified ‘Threat Report’ (Report).  The Report highlights the increasing number, type and sophistication of cyber security threats in Australia, and is a timely reminder to organisations to re-assess the level of their cyber security.

The key takeaway messages from the Report include:

  • even organisations that may not think that they hold valuable information, or that they would be of interest to cyber adversaries, could be a target for malicious cyber activities
  • ensuring a resilient, cyber-secure Australia requires coordination between government and the private sector, with organisations and their users taking greater responsibility for the security of their networks and information.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.