MailGuard Blog — Breaking alerts, news and updates on cybersecurity topics

DE-BRIEF: ASD, CYBER THREAT REPORT 2023–2024

Written by MailGuard | 22 November 2024 04:51:20 Z

This week the Australian Signals Directorate (ASD) released its annual report for 2023-24, detailing the state of cybersecurity in Australia.

The report finds that Australia's strategic cyber environment in 2023–24 has reached unprecedented complexity, driven by global conflicts, state-sponsored actors, and evolving cybercrime methodologies.

Average losses for Australian businesses remain unacceptably high.

Source: ASD, Cyber Threat Report 2023-24

Notable themes within the report include:

  • State-sponsored cyber actors: Continuously targeting governments, critical infrastructure, and businesses for espionage and disruption.
  • Cybercriminal evolution: Exploiting technologies like artificial intelligence (AI) to execute sophisticated phishing, ransomware, and business email compromise (BEC) attacks.
  • Critical infrastructure: Regularly attacked due to its interconnected systems, sensitive data, and national significance.

The report underscores the increasing need for robust defenses, public-private collaboration, and the adoption of proactive, secure-by-design practices.

Source: ASD, Cyber Threat Report 2023-24

Source: ASD, Cyber Threat Report 2023-24

Importantly for MailGuard customers, it also underscores the criticality of email-borne threats and advanced protection.

Source: ASD, Cyber Threat Report 2023-24


Key Insights for IT Professionals & Businesses

 

1. Email Security: A Core Attack Vector

Email remains a primary entry point for cybercriminals, particularly targeting businesses via phishing and BEC fraud. Noteworthy statistics include:

  • 20% of cybercrimes against businesses involve email compromise, often linked to phishing.
  • BEC attacks result in substantial financial losses, averaging $55,000 per incident.
  • Cybercriminals increasingly employ AI tools to scale social engineering efforts, amplifying their success rates.

Recommendations for businesses:

  • Train users to recognize phishing and fraudulent emails.
  • Implement multi-factor authentication (MFA) and enforce strong password policies for business email accounts.
  • Deploy advanced email filtering solutions, such as MailGuard, to pre-empt malicious emails.

 

2. Evolving Threats from State-Sponsored Actors

State actors are intensifying cyber operations, leveraging living-off-the-land (LOTL) techniques, supply chain compromises, and cloud exploitation.

Recent advisories highlight:

  • Pre-positioning tactics: Actors infiltrate critical networks for future disruptive attacks, as seen in incidents involving PRC and Russian entities.
  • Use of native tools to evade detection, complicating traditional defenses.

Actionable strategies for businesses:

  • Strengthen network visibility and monitoring through continuous event logging.
  • Prioritize supply chain security audits and implement zero-trust principles.
  • Incorporate LOTL threat detection within your cyber resilience strategy.

 

3. Ransomware and Data Theft Extortion

Ransomware remains a pervasive threat, now accompanied by data theft extortion, targeting Australian businesses with:

  • Increased operational and reputational damage.
  • Expanded tactics that exfiltrate sensitive data instead of encrypting systems.

Defensive measures for businesses:

  • Business should avoid ransom payments, which fuel the cybercrime ecosystem.
  • Establish regular system backups, like with SafeGuard, and test data restoration processes.
  • Ensure ransomware-resistant configurations by adopting ASD's ‘Essential Eight Maturity Model’.

 

4. Critical Infrastructure Vulnerabilities

Australia's critical infrastructure faces growing risks due to its interconnected nature. Key findings:

  • 11% of incidents responded to by ASD in FY2023–24 involved critical infrastructure, including electricity, water, and healthcare sectors.
  • Compromised credentials, malware infections, and exploited public-facing applications dominate incident types.

Recommendations for critical infrastructure stakeholders:

  • Secure operational technology (OT) networks with segmentation and segregation.
  • Ensure networks adhere to secure-by-default product standards, and
  • Provide continuous security posture assessments and incident response planning.

Source: ASD, Cyber Threat Report 2023-24

 

5. Collaboration with ASD

ASD's Cyber Threat Intelligence Sharing platform has grown significantly, enabling businesses to:

  • Access over 1.37 million indicators of compromise.
  • Share and receive actionable intelligence to bolster defenses.

We recommend that businesses leverage these programs to enhance awareness with cutting-edge protection.

 

Strategic Recommendations for Businesses

A) Redouble the Importance of Specialist Email Security Solutions:

  • MailGuard is a critical enhancement to existing native email security measures like Microsoft 365 and Google Workspace.
  • Its proactive blocking capabilities against emerging 'zero zero-day' threats like phishing and BEC are vital.

B) Adopt Resilience Frameworks:

  • Incorporate incident response planning, disaster recovery, and threat intelligence sharing within resilience planning.
  • Build business continuity services emphasizing ASD’s Essential Eight principles.

C) Support Regulatory Compliance:

  • Align systems with ASD’s guidance on Critical Infrastructure Uplift Programs and the SOCI Act.
  • Use ASD's tailored advisory services to address sector-specific vulnerabilities.

 

Empowering Australia’s Cybersecurity Ecosystem

The findings of ASD's 2023–24 report provide a roadmap for IT professionals and businesses to strengthen their protections while addressing Australia's evolving cyber challenges. By integrating intelligence, adopting best practices, and leveraging secure email solutions like MailGuard, stakeholders can make significant strides in building resilient businesses and securing Australia’s digital future.

You can read and download the full report here:

https://www.cyber.gov.au/sites/default/files/2024-11/asd-cyber-threat-report-2024.pdf

Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.

One email is all that it takes     

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.     

For a few dollars per staff member per month, you can protect your business with MailGuard's specialist, zero zero-day email security. Special Ops for when speed matters!  Our real-time zero zero-day, email threat detection amplifies our client’s intelligence, knowledge, security and defence. Talk to a solution consultant at MailGuard today about securing your company's inboxes.  

Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.  

 
View full post