Search

2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0 Advisory

Aug 5, 2021 The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.

COVID-19 themed malicious cyber activity Advisory

Mar 27, 2020 This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Guidelines for Secure AI System Development Publication

Nov 27, 2023 This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. This document is aimed primarily at providers of AI systems who are using models hosted by an organisation, or are using external application programming interfaces (APIs).

Australian organisations encouraged to urgently adopt an enhanced cyber security posture Alert

Mar 28, 2022 Australian organisations are encouraged to urgently adopt an enhanced cyber security posture. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment.

Sustained targeting of the health sector Alert

Oct 30, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.

Protecting Industrial Control Systems Publication

Jul 1, 2018 Industrial control systems are essential to our daily life. They control the water we drink, the electricity we rely on and the transport that moves us all. It is critical that cyber threats to industrial control systems are understood and mitigated appropriately to ensure essential services continue to provide for everyone.

Gateway Security Guidance Package: Gateway Technology Guides Publication

Jul 29, 2022 This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.

Domain Name System Security for Domain Resolvers Publication

Oct 6, 2021 This publication explores DNS security for recursive resolution servers. It also shares helpful strategies to reduce the risk of DNS resolver subversion or compromise.

#StopRansomware: BianLian Ransomware Group Advisory

Nov 21, 2024 The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.

Choosing Secure and Verifiable Technologies Publication

May 9, 2024 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.

Gateway Security Guidance Package: Executive Guidance Publication

Jul 29, 2022 The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.

#StopRansomware: Play ransomware Advisory

Dec 19, 2023 This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

Ten Things to Know About Data Security Publication

May 16, 2024 This publication has been developed to assist business owners and information technology managers, particularly those unfamiliar with cyber security, with ten things they should know about data security.

People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations Advisory

Sep 19, 2024 Cyber actors may have used botnet to compromise thousands of Internet-connected devices.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) Advisory

Apr 14, 2022 ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

Personal cyber security: Advanced steps guide Guidance

Oct 1, 2021 The third and final guide in the series is designed to help everyday Australians understand the basics of cyber security, and how you can take action to protect yourself from ever-evolving cyber threats.

Protecting your staff Guidance

Apr 11, 2023 An incident response plan can help organisations to respond to cyber security incidents while continuing to conduct business operations.

APT40 Advisory Advisory

Jul 9, 2024 This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks Advisory

Sep 16, 2020 This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.

Cybersecurity Best Practices for Smart Cities Publication

Apr 20, 2023 This guidance is the result of a collaborative effort from the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).

Guidelines for Cyber Security Incidents Advice

Sep 26, 2024 This chapter of the Information Security Manual (ISM) provides guidance on cyber security incidents.

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations Advisory

Sep 15, 2022 The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.

Australian Signals Directorate’s Cyber Security Partnership Program Program page

The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Introduction to Cross Domain Solutions Publication

Oct 6, 2021 This publication introduces technical and non-technical audiences to the concept of a Cross Domain Solution (CDS), a type of security capability that is used to connect discrete systems within separate security domains in an assured manner.

The Commonwealth Cyber Security Posture in 2022 Reports and statistics

Dec 16, 2022 The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cyber security measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).

Cyber security for charities and not-for-profits Guidance

Mar 12, 2024 How to avoid common cyber threats and protect your mission .

Cyber Security Incident Response Planning: Practitioner Guidance Publication

Apr 11, 2024 ASD defines a cyber security incident as an unwanted or unexpected cyber security event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.

Protect yourself online: A guide to cyber security for young people Guidance

May 2, 2024 The steps in this guide can help you navigate the online world with confidence.

Mitigation strategies for edge devices: executive guidance Publication

Oct 3, 2024 This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

Antivirus software Guidance

Apr 11, 2023 The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.