A new cyber security report by the Federal Government has revealed that more than half of Australian organisations surveyed have experienced an incident in which their data or systems were compromised.
The Government released the report, published by the Australian Cyber Security Centre (ACSC), on 19 April, following a survey of Australian government and major businesses of “national significance”.
The 2016 Australian Cyber Security Centre Survey report reinforces the “unrelenting and increasingly sophisticated” cyber threat that Australian organisations face, according to the government.
According to the government, the report reveals that Australian critical infrastructure organisations are being "targeted by cyber criminals up to hundreds of times each day".
“It confirms that many Australian organisations – 90 per cent of those surveyed – are experiencing some form of attempted or successful cyber security compromise, and that some are being targeted up to hundreds of times per day,” a joint statement by Attorney-General, George Brandis, and Minister Assisting the Prime Minister for Cyber Security, Dan Tehan, said.
“Importantly, the survey demonstrates a high level of ability of organisations to prepare for and recover from cyber threats. However the continually changing threat environment means more needs to be done to prepare, adapt and detect potentially malicious activity,” it said.
According to the report, 86 per cent of organisations surveyed experienced attempts to compromise the confidentiality, integrity or availability of their network data or system, while 58 per cent experienced at least one incident that successfully compromised their data or systems.
At the same time, 90 per cent of organisations faced some form of attempted or successful cyber security compromise during the 2015-16 financial year.
“Organisations faced numerous malicious cyber threats on a daily basis — through spear phishing emails alone, organisations are affected up to hundreds of times a day,” the report stated.
Meanwhile, 60 per cent of organisations surveyed experienced tangible impacts on their business due to attempted or successful compromises, while 51 per cent said they tend to be alerted to possible breaches by external parties before they detect it themselves.
According to the report, the findings suggest that the current level of cyber threat activity is disruptive for organisations, regardless of whether an attempt to compromise a network is successful or not.
However, there is some good news, according to the ACSC, with the majority of organisations surveyed displaying a high level of resilience.