Report highlights rising cyber threats in Australia and NZ

Cyber security company CyberCX's 2023 Digital Forensics and Incident Response Report sheds light on the cybersecurity landscape in Australia and New Zealand, presenting a detailed analysis of over 100 significant incidents from the past year.

The report revealed a notable rise in business email compromise (BEC), unauthorised access, and cyber extortion.

Cyber security landscape in Australia and New Zealand in 2023

Key findings of the CyberCX report include:

• a 37% surge in BEC incidents, predominantly executed through phishing tactics, suggesting an increasing sophistication in how attackers are bypassing security measures
• variability in the time-to-detect (TTD) for different types of incidents, with cyber extortion averaging 18 days and espionage reaching an average of 390 days, highlighting the stealth and persistence of attackers in espionage cases
• a significant challenge to multi-factor authentication (MFA) effectiveness, evidenced by a fivefold increase in BEC incidents involving more sophisticated methods like adversary-in-the-middle (AITM) attacks or session theft
• “data extortion only” tactics, where attackers opt for data theft without deploying ransomware, saw a threefold increase, indicating a shift in the strategies of cyber extortionists
• remote access solutions, secured through valid credentials, becoming the primary initial access vector for cyber extortion, overtaking traditional vulnerability exploitation
• a decrease in ransom payments, with a 50% drop observed among victims of cyber extortion
• an encouraging trend where 53% of organisations that did not pay a ransom saw no subsequent public leak of their data, an improvement from 46% the previous year

“We publish this data as part of our mission to secure the communities we live and work in,” said Hamish Krebs, executive director of digital forensics and incident response at CyberCX. “It is our hope that organisations across our region will leverage these valuable insights and implement our recommendations to increase their security posture as they consider how to protect their organisations, customers, and their people in 2024 and beyond.”