Cybercrime on the rise in Australia due to ‘destructive’ ransomware and state actors

Australia has recorded one cybercrime report every seven minutes over the past year, proving ransomware to be the “most devastating” threat. State actors remain a threat to institutions such as the Australian Bureau of Statistics, making personal information of local residents an attractive target.

The number of cybercrime reports in the country increased by nearly 13% last year to over 76,000, according to the report. Annual Cyber ​​Threat Report 2021-2022 Released by the Australian Cyber ​​Security Center (ACSC). This means he had one report every seven minutes from his eight minutes last fiscal year, the agency said.

Its annual report includes insights from the Australian Federal Police, the Australian Crime Intelligence Commission, the Australian Security Intelligence Agency, the Defense Intelligence Agency and the Home Office.

Ransomware in particular has been the hardest hit by the ACSC, with all sectors of the local economy directly affected by such attacks last year, with 447 reported ransomware cases. While this number is down 10% from the previous year, the report estimates that ransomware is still significantly underreported, especially among victims who choose to pay the ransom.

The education and training sector had the most ransomware incidents, up from fourth place last year. Along with his four other sectors in the top five, they account for 47% of all reported ransomware attacks.

According to the ACSC, “Leading ransomware groups continue to target Australia’s ‘big money’ organizations – those with high profile, high value and critical services. “Global trends show a shift towards targeting smaller and smaller businesses (SMBs) in favor of fewer ‘big shots’ targets, a change that has yet to be seen in Australia.”

State actors pose a constant threat in geopolitical tensions

However, the past year has witnessed relentless attempts by state actors to access sensitive data, including personally identifiable information, to support government information requirements.

Deputy Prime Minister and Defense Minister Richard Marls said: “We are now witnessing a deteriorating strategic situation in the region and the world, including a military build-up not seen since World War II. The expansion of gray zone capacity is of particular concern.”

The Australian Bureau of Statistics, for example, is an attractive target because it holds personal information about local residents.

Ahead of the August 2021 census, the ACSC said it held a threat intelligence briefing with the agency to assess cyber activity against the agency. We also conducted a review of the Bureau’s systems, including source code review, penetration testing to identify vulnerabilities, and analysis to detect malicious activity that may already exist in the system.

The ACSC said it saw no signs of malicious activity and that critical cybersecurity recommendations were resolved by the agency before the census took place.

This was done without a cybersecurity incident or disruption of service, but the cybersecurity agency noted that cyber is increasingly becoming an arena of warfare. Malware use by Russia Delete the data and shut down the Ukrainian computer.

It also covers an incident in July 2021 when Australia attributed the exploitation of Microsoft Exchange vulnerabilities to China’s Ministry of State Security. The Five Eyes Recommendation of November 2021 also states: Iranian state-owned actor exploited Same vulnerability.

The ACSC warned that Indo-Pacific dynamics are increasing the risk of crisis and that cyber operations are likely to be used by states to challenge the sovereignty of others.

“These actors don’t just want confidential information. They also want to understand who we are, how we are connected to each other, and what we value. “In some cases, we may seek to pre-position strategic networks to prepare for coercive or destructive activity against us.”

The report further notes that Australia’s critical infrastructure continues to face potential threats from state actors and cybercriminals seeking to cause chaos.

“Critical infrastructure includes physical facilities, communications networks, information and operational technology that provide critical services,” said ACSC. “Continued sustained disruptions in some parts of the critical infrastructure ecosystem will have ripple effects in other parts of the economy, ultimately being seen internationally as a result of ransomware attacks on health services. As such, it can lead to damage and loss of life.”

Last November, CS Energy’s corporate network was targeted by the Conti ransomware group affiliated with Russia. The Queensland power company, which produces 10% of his electricity for the national electricity market, had cut external online connections to the network. After detecting a ransomware attack Initiated business continuity procedures.

According to ACSC, 95 cyber incidents, or about 8% of all cyber incidents handled last year, involved critical infrastructure.

Among other key findings in this year’s report, the security agency estimated that A$98 million ($62.74 million) was lost to business email compromise incidents, with an average of A$64,000 lost per report. increase.

The average cost per cybercrime report for SMEs was also over A$39,000, A$88,000 for medium-sized businesses and A$62,000 for large businesses.

The country’s cybersecurity hotline receives more than 25,000 calls, averaging 69 calls per day, a 15% increase over the previous year.

Fraud, online shopping, and online banking were the leading cybercrime categories, accounting for 54% of all reported incidents.

Marls said: [ACSC] The report shows how attackers around the world continue to find innovative ways to deploy online attacks, using supply chains to penetrate the cyber defenses of governments and organizations in many countries, including Australia. is shown.

“Reporting cybercrime is essential to building a holistic view of the threat that can prevent others from falling victim to ransomware syndicates and cybercriminals. We will be informed by intelligence,” the minister added.

the government wants tougher fines Fines of up to AU$50 million ($31.57 million) apply for serious or repeated data privacy breaches. The move comes amid a spate of cybersecurity incidents that compromised customer data. Optus and Medibank.

Related article