State actors and criminal networks are increasingly exploiting existing vulnerabilities on servers and networks – rather than infecting a system with malware – making them harder to detect. The Microsoft Exchange hacks were the most notable example of hackers exploiting a major vulnerability.
“Over the past three months, we’ve found that of all the breach attempts we analyzed, 68% were not using any malware,” Sentonas said.
“These adversaries are starting to get a lot smarter in the way they exploit a victim. Instead of using traditional malware, a malicious application, they are now starting to use the tools that come with an operating system. The reason you do this is that it pretty much guarantees that you won’t get caught.
The Australian Cyber Security Center received 67,500 reports last year, up 13% from the previous 12 months. The report showed that 20% of computer crash reports originated from the Commonwealth government and 15% from states and territories – but there is believed to be massive underreporting by Australian businesses.
On average, 1,500 reports per month related to the pandemic and the health sector was a major target.
Australian Strategic Policy Institute director of cyber policy Fergus Hanson said cyber attackers were increasingly targeting healthcare services because they would be desperate to pay a ransom because it was ‘a “matter of life and death”.
“What we will see, especially as people harden their defenses, is the health sector and the types of sectors that provide essential services will be more targeted as they will be more desperate to pay faster,” he said. he declared.
The Morning Edition newsletter is our guide to the most important and interesting stories, analysis and ideas of the day. Register here.