CyberCX

CyberCX's Luke Roache has told ABC News that the risks of DeepSeek AI are clear and governments should extend a ban of the app to critical infrastructure such as telecommunication networks, hospitals and airports.   "These organisations are already under constant attack by financially motivated cyber criminals and nation-state groups," said Luke.   "Given the provenance of DeepSeek and its ongoing connection to an authoritarian state, risks associated with integrity, influence and espionage mean introducing the app into any networks of national significance would be a potential boon for the strategic ambitions of the Chinese state."

Australian businesses and government departments serve as an attractive target for cyber criminals, and despite best efforts, cyber attacks continue to increase in speed, frequency and complexity.    Some of the reasons for persistent vulnerabilities in organisations include cost, resource constraints, legacy infrastructure, and misunderstandings about cyber security risks and threat levels. To combat this, the Australian Signals Directorate (ASD) developed the Essential Eight framework.    Our new guide 'Unlocking the Essential Eight' provides cyber security professionals and decision-makers within Australian businesses and public sector organisations with practical strategies, insights, and recommendations to help align your goals with Essential Eight objectives.   The threat is real, but there are things every organisation can do to significantly reduce the risk of a cyber intrusion. Download the guide to find out more: https://lnkd.in/gPHyEkbu

Alastair MacGibbon joined Gary Adshead on ABC Perth Drive this week to discuss the difference between financially motivated cyber crime and state-based cyber espionage.   Alastair said that CyberCX’s recent Threat Report shows that it takes about 404 days for organisations to discover that they have been the victim of state-based espionage, as nation state threat actors become more sophisticated.   “They are increasingly using the tools that are inside your business – this is called Living Off the Land,” said Alastair. “Last year western governments came out and talked about Volt Typhoon, this was China accused of placing the equivalent of explosives inside critical infrastructure but electronically, using this method called Living off the Land. They don’t bring in typical bits of code of malicious software that a criminal might.”

⚕️ The delivery of safe modern medicine is underpinned by secure technology, however just as healthcare is advancing its approach to technology procurement and management, cyber threat actors are enhancing their tactics.   Cyber attacks in healthcare present a myriad of challenges: disruption to the provision of healthcare, privacy breaches, and a decline in community trust of our health system more broadly.   Here are some of the key insights from our latest industry insights report - Diagnosing Cyber Threats in Healthcare 2025 ⬇️ Download your copy to find out what organisations can do to safeguard patients and their health outcomes to build a more secure, trusted, and resilient sector: https://lnkd.in/dMcWc8eP

Alastair MacGibbon welcomed The New Zealand Herald’s Madison Malone to our Auckland Security Operations Centre (SOC) this week to showcase how the facility helps protect organisations from cyber threats.   Alastair said that one of the reasons for building CyberCX’s capabilities in the private sector is that you can invest and scale in ways that governments can’t. “CyberCX both in Australia and New Zealand highlights that you can do what people thought governments would do (but) in the private sector and sometimes do it better.”   Alastair added that most people don’t understand just how toxic the cyber environment we operate in is. “The vast bulk of the time that doesn’t impact organisations – there are near misses on a daily basis – but I think the general public and a lot organisations sadly just don’t know how many threats there are.”

Speaking to The New Zealand Herald from our Auckland Office this week, CyberCX UK Chair Ciaran Martin said that the cyber threat level to private and publicly owned critical infrastructure is the highest it’s ever been.   “What we’re worried about now, what drives the cyber threats, are three things; politics, money, and technology,” he told the Herald's Madison Malone.   Ciaran added that while he didn’t want to be alarmist, Artificial Intelligence (AI) is making cyber warfare more accessible. “The way AI is working out in cyber attacks is simply it’s making them a fair bit better, but also it’s making them cheaper and easier to do,” Ciaran said, “and this is the bit I worry about right now”.   You can read more here: https://lnkd.in/dnWK7jbv

Our latest industry insights report highlights the growing risk of cyber attacks against health organisations ⚕️   The report names AI as the cyber opportunity and threat driver to watch in 2025, urging healthcare organisations to proactively engage with the upsides, while also appreciating the way that it is accelerating cyber threat actor activity.   “Just as AI has the potential to revolutionise the way we diagnose and treat ill and vulnerable people, cyber threat actors are looking at how this technology can help them accelerate and better target their efforts," said CyberCX's Healthcare Industry Lead, and report author, Megan Lane.    Discover more key findings by downloading the full report: https://lnkd.in/dMcWc8eP

Our latest edition of C-Suite Cyber explores how physical threats to executives and private individuals are increasing, driven by geopolitical shifts and extremist ideologies. Many organisations consider physical safety measures for high-profile executives or at-risk members of staff. However, there is an increasing need for physical security to be combined with cyber safety measures as malicious actors turn to online monitoring to carry out reconnaissance against possible targets.   C-Suite Cyber outlines that organisations can: ◻️ Understand your executives' threat profile and monitor for changes ◻️ Conduct regular Digital Footprint Assessments for high-profile or at-risk personnel  ◻️ Proactively brief executives about both physical and cyber security threats Read the newsletter to find out how your organisation can think about this in two dimensions, and what you should do to protect yourself:

CyberCX's 2025 Threat Report reveals the global cyber threat landscape is changing. Despite the best efforts of defenders over the past 12 months, conditions have continued to deteriorate as adversaries have evolved their tactics and upped the tempo of attacks.    CyberCX's Digital Forensics and Incident Response (DFIR) team are the first responders for hundreds of cyber intrusions every year. Our teams arrive online and onsite at all hours of the day (and night) to guide organisations through major cyber incidents.   Join experts Leah Pinto and Phill Moore for a webinar on Friday 7 March, as they share the hard-learned insights from incidents we responded to in 2024 and how CyberCX can help bolster your cyber defences: https://lnkd.in/dvsvRwDs

Joining Seven Network's Sunrise, Jordan Newnham warned that a new scam actively targeting Gmail accounts could trip up even the most technologically savvy internet users. "The clever part about this scam, that's quite devastating, is that it takes users to a legitimate Gmail sign in page," said Jordan. "Unfortunately, once you've clicked the link you're not on your computer anymore, you're on the scammer's computer and they're harvesting your information and getting full access to your account." If you think you've been scammed, Jordan's advice is to: 👀 Stay vigilant 🔣 Use a password manager to update and store unique and complex passwords 🔗 Check URL before entering credentials ⚠️ Monitor for unauthorised activity 🙋♂️ Report to Google and ACCC Scamwatch