Attacks against government and the public service have increased in line with geopolitical activity, driven by state-sponsored actors, according to NTT's Global Threat Intelligence Report, released Wednesday.

The report found that application-specific (40 per cent) and web-application (20 per cent) attacks dominated Australia, accounting for nearly 60 per cent of all attacks combined, revealing the security risks that cloud adoption and careless DevOps programs can introduce.

NTT's national director of cybersecurity John Karabin told The Australian that cymercriminals are often finding that organisations that hold valuable data, such as financial services, have strong cyber defences, so they instead move to less protected companies in the supply chain.

According to Mr Karabin, Australia's financial sector has been identified as the sector with the highest cyber maturity for finance of any country tested (2.12).

However, Australia’s healthcare sector lagged other markets, with a cyber maturity score of 0.96 — compared to the 1.12 global average.

"Australia’s healthcare sector has a big reliance on legacy systems. The current challenge of keeping networks safe is being compounded by legacy systems that lack basic cybersecurity controls," Mr Karabin said.

"Also, the addition of medical devices that connect to the network without strong security controls compounds the problem. The rise of Medical IoT and the concentration of sensitive personally identifiable information, is becoming an attractive target for adversaries looking to profit from the health industry."

The report found technology was Australia's most attacked industry, accounting for 35 per cent of all attacks, while government represented 26 per cent of attacks.

Last year Sydney-based technology outfit Canva was the victim of a security breach with data relating to its 139 million users reportedly stolen, while Australian intelligence determined China was responsible for a cyber-attack on its national parliament.

The NTT research found that 'zmeu' and conficker' were the most common malware packages, accounting for over 20 per cent of all detections.

Mr Karabin said both malware families were over eight years old, and malware variants are continuously being repackaged and updated, with new capabilities such as vulnerability scanning and undetectable stealth mode.

"This tells us that old vulnerabilities are remaining active targets but adversaries are now leveraging artificial intelligence and machine learning and investing into the automation of complex attacks," he said.

"We’ve seen this especially in recent weeks with adversaries taking advantage of the current COVID-19 pandemic by repurposing their toolset, deploying new infrastructure and developing innovative campaigns to proactively target vulnerable organisations."

More related stories

The Wall Street Journal

Hold off on that iPhone: Apple’s September refresh will make the wait worthwhile

With Apple’s latest and greatest crop of devices typically launching in September, buyers who can wait a couple of months will be rewarded - possibly with a super-thin iPhone 17 Air.

Read more

Education

Kids accessing rape, incest role-play games

Children are able to role-play as a rapist by accessing 500 online ‘games’ promoting rape, incest and child abuse, a safety investigation has revealed.

Read more