Wednesday, July 29, 2015

Australian Cyber Security Centre Threat Report 2015

The government Australian Cyber Security Centre (ACSC) has issued its first threat report. "The Australian Cyber Security Centre Threat Report 2015" is a 29 page PDF document (issued 29 curiously dated 1 January 1970). The ACSC is made up of federal agencies including Australian Crime Commission (ACC), Australian Federal Police (AFP), Australian Security Intelligence Organisation (ASIO), Australian Signals Directorate (ASD), Computer Emergency Response Team (CERT) and the Defence Intelligence Organisation (DIO).

The report indicates that the number of significant compromises of federal Australian Government networks decreased from 2012 to 2014. The report includes the end of support for Windows XP and MS Office 2003 as a security risk. Hopefully individuals and organisations changing to Windows 10 will result in improved security.

Australian Cybercrime Online Reporting Network (ACORN) is listed as "the primary method for Australians to report cybercrime"

A major deficiency in the report is that it does not acknowledge the predominate role of the non-government sector in cyber-security. In particular there is no mention of AusCERT, a non-government organization, who have been providing coordination cyber-security services from before the creation of ACSC, AusCERT has more experience in the field and a longer track record than the governments own CERT and most other federal agencies.

No comments: