Both state actors and criminal networks are increasingly exploiting existing vulnerabilities on servers and networks – rather than infecting a system with malware – which makes them harder to detect. The Microsoft Exchange hacks were the most notable example of hackers exploiting a major vulnerability.
“In the last three months, we found that of all the attempted breaches that we analysed, 68 per cent did not use any malicious software,” Mr Sentonas said.
“These adversaries are starting to get a lot smarter in terms of how they exploit a victim. Instead of using traditional malware, a malicious application, they’re now starting to use the tools that come with an operating system. The reason why you do that is it pretty much guarantees you’re not going to be caught.”
The Australian Cyber Security Centre received 67,500 reports last financial year, up 13 per cent on the previous 12 months. The report showed 20 per cent of cyber incident reports coming from the Commonwealth government and 15 per cent from states and territories – but it is believed there is massive underreporting by Australian businesses.
On average, 1500 reports a month related to the pandemic, and the health sector was a major target.
The Australian Strategic Policy Institute’s cyber policy director, Fergus Hanson, said cyber attackers were increasingly targeting health services, which would be desperate to pay a ransom because it was a “matter of life and death”.
“What we will see, particularly as people harden defences, is the healthcare sector and those types of sectors that supply essential services will be targeted more because they will be more desperate to pay quicker,” he said.