ACSC Annual Cyber Threat Report: July 2019 to June 2020

The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is the leading operational arm for the Australian Government responsible for strengthening the nation’s cyber resilience, and for identifying, mitigating and responding to cyber threats against Australian interests. The ACSC also manages ReportCyber on behalf of federal, state and territory law enforcement agencies, providing a single online portal for individuals and businesses to report cybercrime.

The Australian Federal Police (AFP) investigates cybercrimes against the Commonwealth Government, critical infrastructure and systems of national significance or those with impact on the whole of the Australian economy. The AFP works collaboratively with domestic and international partners to enhance cyber capabilities and make Australia a costly, hostile environment for cybercrime.

The Australian Criminal Intelligence Commission (ACIC) is Australia’s national criminal intelligence agency. Its role is to discover and prioritise cybercrime threats to Australia, understand the criminal networks behind them and support the Australian Government’s response by working closely with law enforcement, intelligence and industry security partners in Australia and internationally. The ACIC develops comprehensive intelligence to understand the cybercrime environment, its evolution, and serious and organised cybercriminal activities and share this with our partners.

On average, the ACSC assists six entities to respond to cyber security incidents each day. At any one time, the ACSC is managing dozens of incidents simultaneously. Some incidents can take weeks or months to resolve depending on their complexity.

To manage the very broad range of incidents reported, the ACSC uses a Cyber Incident Categorisation Matrix to triage and prioritise responses and mitigations required for each incident. The Matrix helps the ACSC categorise the severity of the incident and allocate resources accordingly through assessing an incidents significance and impact.

The ACSC is a participant of the National Cyber Security Committee (NCSC), which provides strategic oversight and coordination of response efforts among Commonwealth, state and territory governments in the event of a national cyber incident. The NCSC’s role in responding to a national cyber incident includes facilitating the exchange of threat intelligence and solutions to enhance each jurisdiction’s situational awareness and response activities and to oversee the development of nationally consistent public information. The NCSC is also responsible for setting the Cyber Incident Management Arrangements (CIMA) level, which provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national incidents.

The ACSC and our law enforcement partners ACIC and AFP, have developed this inaugural report to provide important information about emerging cyber security and cybercrime threats impacting different sectors of the Australian economy. It includes best-practice mitigation advice for implementation by individuals and organisations, so they can reduce the likelihood and impact of malicious cyber activity.

This report outlines key cyber threats and statistics over the period 1 July 2019 to 30 June 2020. Over this period, the ACSC responded to 2,266 cyber security incidents and received 59,806 cybercrime reports at an average of 164 cybercrime reports per day, or one report every 10 minutes.