The Australian Cyber Security Centre threat report 2015

Introduction: The number, type and sophistication of cyber security threats to Australia and Australians are increasing. Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries. This first unclassified report by the ACSC describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. This report also offers mitigation advice on how organisations can defend against these activities. The ACSC’s ability to detect and defend against sophisticated cyber threats continues to improve. But cyber adversaries are constantly improving their tradecraft in their attempts to defeat our network defences and exploit the new technologies we embrace. There are gaps in our understanding of the extent and nature of malicious activity, particularly against the business sector. The ACSC is reaching out to industry to build partnerships to improve our collective understanding. Future iterations of the Threat Report will benefit from these partnerships and help to close gaps in our knowledge

Malicious email mitigation strategies

Introduction Socially-engineered emails containing malicious attachments and embedded links have been observed by the Australian Signals Directorate (ASD) being used in targeted cyber intrusions against organisations. This document has been developed by ASD in collaboration with local and international partners to provide mitigation strategies for the security risk posed by malicious emails. It should be read in conjunction with the advice on email security and content filtering contained in the Australian Government Information Security Manual (ISM). Not every mitigation strategy within this document will be suitable for all organisations. Organisations should consider their unique business requirements and risk environment when deciding which mitigation strategies to implement. Furthermore, before any mitigation strategy is implemented, comprehensive testing should be undertaken to minimise any unintended disruptions to the organisation’s business

Complex Regimes: How overlapping and inconsistent regulation constrains the adoption of cloud services

Inconsistent and unclear regulatory regimes for cloud-service providers could challenge essential cyber security protections for Australians at a time of escalating cyber incidents and geopolitical risk. A plethora of Australian Government and state-based laws, devised incrementally over the last 15 years, has created a complex regulatory framework that is likely to result in increased costs, variable compliance, and decreased confidence in the provision of cyber security services by cloud service providers. These unintended impacts have been revealed by research conducted by the Cyber Security Cooperative Research Centre and SAP, working with UNSW Sydney and Deakin University. The comprehensive review of the web of regulations faced by cloud-service providers found the sector was subject to an array of national, international, state and sector-specific and cross-sectoral obligations, not limited to the Security of Critical Infrastructure (SOCI) Act, Privacy Act (PA), Protective Security Policy Framework (PSPF), National Institute of Standards and Technology standards, Australian Energy Sector Cyber Security Framework and Resources and Australian Prudential Regulation Authority (APRA) CPS 234-Information Security. The complicated operating environment risks cruelling the rise of the cloud-computing industry, and therefore could impede the cyber security maturity uplift of Australia’s business environment. Cloud-service provision has been acknowledged as having ushered in increased efficiency and functionality to local businesses. More than half (55 per cent) already relied on cloud providers for core business functions in 2019-2020, according to the Australian Bureau of Statistics. Given the importance of cloud-service provision to Australia’s cyber security, economy and future productivity, this research seeks to provide clarity on a path forward for the sector. It recommends four structural and process changes to improve governance arrangements for cloud service providers, boosting competition and cost-effective cyber security compliance