Common threat types
Common threat types
The cyber threat to Australian individuals and organisations is undeniable, unrelenting and continues to grow.
You could be a target even if you don’t think the information held on your networks is valuable, or that your business would be of interest to cyber adversaries.
Many organisations are at risk purely because they are vulnerable through unpatched software or unaware staff members.
Common threats impacting Australians include:
Malware is software that cyber criminals use to harm your computer system or network. Cyber criminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks.
Ransomware is a type of malware that denies access to files or computer systems until a ransom is paid.
Distributed denial of service
A distributed denial of service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic.
Cryptocurrency mining (cryptomining) software uses a system’s processing power to solve complex mathematical problems, in return for a type of digital currency.
Unauthorised cryptocurrency mining (also known as cryptojacking) is where a website or software on your computer does this cryptocurrency mining without your authorisation. It is now the most popular cyber attack method.
Malicious insiders are people such as employees, former employees, contactors or business associates who have inside information on your computer system, data or security, and access it for their own purposes.
Identity theft is when a cybercriminal gains access to your personal information to steal money or gain other benefits.
Phishing is a method of stealing confidential information by sending fraudulent messages to a victim. It is one of the most prevalent scams reported in Australia.
Criminals use email to manipulate or trick you into unintentionally sharing personal information, financial details, or money.
Phone call scams
There are many ways scammers try to get your information or money over the phone. They will usually pretend to be from a well-known organisation, such as a government agency, a utilities provider, Australia Post, a bank or the police. They can be incredibly convincing.
Dating and romance scams
Scammers often approach their victims on legitimate dating websites before attempting to move the ‘relationship’ away from the safeguards that these sites put in place, for example, by communicating through other methods such as email, where they can more easily manipulate victims.
Secondary targeting is where cyber adversaries try to gain access to networks of companies that provide products or services (e.g. through outsourcing arrangements) as a means to get to their higher value customers.