Australian businesses are under continual threat from potentially damaging cyber attacks, and the situation is only going to get worse with increasingly complex technological change.

A recent high-profile example is the hacking of a national security (defence) contractor's system last year (and only announced publicly this month). The hackers accessed the network of the contractor, stealing large amounts of sensitive data, including details of Australia's Joint Strike Fighter and technical information on smart bombs.

The ACSC [Australian Cyber Security Centre] identified 47,000 cyber incidents over the past financial year — a 15 per cent increase — and more than half of these were internet scams or fraud.
Major Australian businesses were hit by 7,283 of the attacks.

Source: ABC News – Defence contractor's computer system hacked, files stolen, cyber security report reveals

2017 ACSC Threat Report

The Report was released in October, highlighting the trends in cyber-security. Alarmingly, the report concludes that Australian businesses continue to be targeted by cyber-crime and cyber espionage. The potential damage includes the loss of commercially sensitive information (through theft of data) and more immediate financial harm (including through ransom demands to de-crypt data following a ransomware infection).

See: 2017 ACSC Threat Report

So what can you do about it?

  • Follow Kott Gunning's 14 Key Cyber Risk Management Steps which all Australian businesses should be taking.
  • The Australian Signals Directorate (think James Bond, without the licence to kill) also provides a useful guide on the 'essential eight' steps to be taken to mitigate your risk. See: ASD Essential Eight Explained
  • Given the increasing risk and the potential damage of a cyber-attack, businesses should ensure they have adequate cyber insurance in place.
  • Finally, as the security contractor has now learned, it's probably best not to have your username as "admin" and your password as "guest".

Watch the ABC news story – Password for hacked defence contractor system was 'guest'

Please contact Stephen Williams or Daniel Coster if you would like to further discuss the contents of this article.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Kott Gunning is a proud member of