The Australian Cyber Security Centre (ACSC) has urged private businesses to report threats, despite reluctance among some companies to involve the Government.
“Reports help the ACSC develop a better understanding of the threat environment and will assist other organisations that are also at risk,” it says in its annual threat report.
“Cyber-security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.”
Australia is the target of persistent and sophisticated cyber espionage, and cyber crime remains a pervasive threat to national interests and prosperity, according to the report.
The ACSC says it relies on self-reporting in the private sector, but some companies fear disclosure may harm their reputations or create legal or commercial liabilities.
It says it is trying to engage industry, but willingness to put in place mitigation strategies varies considerably across and within sectors.
The Computer Emergency Response Team (CERT) responded to 14,804 cyber-security incidents affecting Australian businesses last financial year. Of those, 418 involved systems of national interest and critical infrastructure.
However, due to lack of reporting, the team lacks a complete view of incidents affecting industry.
In CERT’s experience, the energy and communications sectors had the highest number of compromised systems, while the banking and financial services and communications sectors had the most distributed-denial-of-service activity.
The energy and resources sectors recorded the highest number of malicious emails.
The ACSC says terrorist groups pose a low cyber threat, with their actions mostly restricted to embarrassing governments, imposing financial costs and achieving propaganda victories.
“It is unlikely terrorists will… compromise a secure network and generate a significant disruptive or destructive effect for at least the next 2-3 years,” it says.
The report says labelling every incident a “hack” or “attack” is unhelpful in understanding the range of threats, and promotes sensationalism.
The Federal Government defines a cyber attack as a deliberate act to manipulate, disrupt, deny, degrade or destroy computers or networks, or the information resident on them, with the effect of seriously compromising national security, stability or economic prosperity.