This evolving threat highlights the need to focus on managing the residual vulnerabilities in our systems. The report shows a concerning trend: one in five critical vulnerabilities was exploited within 48 hours of being reported. This demonstrates that we are still, in general, failing to patch and mitigate even known weaknesses. Moreover, sectors vital to our daily lives – critical infrastructure – are increasingly coming under attack, with 143 incidents reported in this area alone.
This pattern of preventable exploitation highlights the importance of timely patching and a proactive approach to vulnerability management. Organisations should strive to patch critical vulnerabilities within 48 hours, and other identified vulnerabilities within two weeks, as ASD recommends. Furthermore, adopting a comprehensive patch management policy and continuous monitoring for new vulnerabilities and threats can significantly reduce the risk of exploitation. For organisations with limited cyber security expertise, utilising reputable security service providers for patch management could be a viable option.
The report clearly shows how cybercriminals have adapted their methods, with a rise in extortion-related incidents, ransomware attacks, and business email compromises (BEC). The financial implications are significant: the cost of cybercrime to small and medium-sized businesses averages between $46,000 and $97,200, and for a small business this loss of cash flow could be hard to stomach. To counter these threats, companies must enhance email security protocols, implement robust multi-factor authentication (MFA), and maintain regular backups.
Employee training on recognising and responding to phishing attempts and other social engineering tactics is crucial. Additionally, organisations should establish and regularly test their incident response and business continuity plans, ensuring they can respond swiftly and effectively to cyber incidents.
The key takeaways?
It’s not a matter of if but when a cyber incident will occur. Therefore, it’s essential to adopt a proactive cybersecurity posture. Measures like the ASD’s Essential Eight are crucial, but fostering a more positive and proactive cyber-secure culture within your organisation is vital.
The report underscores the heightened interest of state actors in critical infrastructure, focusing on data theft and business disruptions. This has been demonstrated by the targeting of government and essential infrastructure networks globally, including across the AUKUS partnership, which seems to be a target for intellectual property theft.
The implications for organisations operating within or connected to critical infrastructure sectors are clear: robust security measures are not just recommended but essential. This includes implementing secure-by-design principles and prioritising secure-by-default products during development and procurement. Organisations should also conduct regular vulnerability assessments and penetration testing to identify and mitigate potential attack vectors, especially those targeting interconnected systems.
So, what does this mean for 2024?
It means that being vigilant, staying informed, and being prepared are necessary for organisations of all sizes and shapes here in Australia. Whether you’re a small startup or a large corporation, cyber threats are a reality that will impact your operations, ruin your reputation, and adversely affect your bottom line.
If this report has you wondering if your cybersecurity posture is sound or if you’re unsure what the findings mean, feel free to contact us for a tailored discussion about securing your operations.
The ACSC’s Annual Threat Report 2022-2023 can be found here.