Quarter 2, 2021

Membership matters at AusCERT

By Laura Jiew and Mark Carey-Smith

AusCERT's membership is currently made up of 621 member organisations comprising several tiers of membership levels (small to enterprise).

Members are grouped into defined Australian and New Zealand Standard Industrial Classification categories and the top 3 industries represented by our members are from the following sectors: 

1. Education & Training
2. Financial & Insurance Services
3. Public Administration & Safety.

This Q2, 2021 report provides an overview of the cyber security incidents reported by members, from 1 April - 30 June 2021 and includes a summary of other key achievements this quarter. 

Table of AusCERT incident management service by incident type

INCIDENT MANAGEMENT

AusCERT’s Incident Management Service (sometimes referred to as incident response) includes incident coordination and incident handling, both of which are standard inclusions as part of AusCERT’s membership services. As a 24/7 membership benefit, it is perhaps AusCERT's most focal service offering.

The above table contains statistics of the incidents that were reported by members and acted on by our analyst team.

In Q2, 2021 AusCERT serviced 440 tickets which resulted in an average of approximately 7 tickets per business day of operation.

AusCERT members can utilise AusCERT’s considerably large overseas and local contact networks for removal of phishing and malware sites.

architectural photo of the inside of a building

SECURITY BULLETINS

AusCERT distributes security advisories and bulletins to its members by email and publishes a portion of them to its public website. Bulletins are published in a standardised format with a consistent approach to classifications of vulnerabilities, impacts and affected operating systems.

In Q2, 2021 a total of 1209 External Security Bulletins (ESBs) and 67 AusCERT Security Bulletins (ASBs) were published.

AusCERT members receive consistent security bulletins across a wide range of vendors, enabling the practice of streamlined security patching.

AusCERT analysts specialise in vulnerability research to deliver members a consistently formatted feed of bulletins across major platforms and vendors.

Bar graph of AusCERT issued bulletins for Q2, 2021

MEMBER SECURITY INCIDENT NOTIFICATIONS (MSINs)

AusCERT members benefit from its considerably large overseas and local threat intelligence feeds with respect to incidents that have been detected by other parties but concern the members.

There are several categories of incidents and this service has been running for members for several years. These notifications are a mix of Indicators of Vulnerabilities (IoV) and Indicators of Compromise (IoC).

These customised security reports contain notifications for organisations’ domains and IP ranges.

AusCERT MSINs are customised for each members’ organisation, based on their IPs and domains.

AusCERT MSINs by industry by incident type for Q2, 2021

MEMBER ENGAGEMENT INITIATIVES

Communications

Q2, 2021 kicked off with the release of our blog piece on the topic of Facebook’s account data leak of over five-hundred million of its users. We’d be remiss not to mention the good work done by the folks from Have I Been Pwned back in early April.

AusCERT tried something new in mid Q2 and took over the @WeAreBrisbane Twitter account over the period of 10th-16th May, concurrently with the AusCERT2021 conference. This provided the team with the opportunity of promoting the topics of cybersecurity, information security, and privacy and internet safety to the greater public and the endeavour was well received.

Q2 also saw our team launching a podcast series “Share today, save tomorrow”. As a CERT, AusCERT recognises that the cyber security landscape is ever-changing and continues to be passionate about engaging our members to empower their people, capabilities, and capacities. The AusCERT podcast will cover several major topics within our sector and can now be found on a number of major podcast players such as Spotify, Google and Apple.

We sat down with all the recent winners from the 2021 AusCERT annual awards where they each shared their thoughts on being a recipient of this prestigious recognition. Have a read of each of them below:
AusCERT2021 Member Individual of the Year Winner
AusCERT2021 Member Organisation of the Year Winner
AusCERT2021 Diversity and Inclusion Champion
AusCERT2021 Information Security Excellence Winner 

And finally, Q2, 2021 also saw the team publishing a number of articles across Issue 2 and 3 of the Women in Security Magazine by team Source2Create. To check these articles out, please subscribe to the magazine here: womeninsecuritymagazine.com

Events

Q2, 2021 began with the joint AusCERT (UQ) & Duo Security webinar during which our Director, Dr. David Stockdale, discussed the focus on securing remote access as a key step in the zero-trust journey.

In late April we discussed the 2020 BDO and AusCERT Cyber Security Survey insights. A copy of the webinar recording can be found here.

The milestone event for the team in Q2, 2021 was obviously the AusCERT2021 conference during which the team celebrated the 20th anniversary edition of our annual event. For those who missed out, we’d like to share the following wrap-up article on AusCERT2021. Folks can also catch up on all the recordings and presentations from the conference via our AusCERT YouTube channel and the conference program page here.

Finally, after a hiatus in 2020, the team is resuming our in-person and virtual training workshop offerings to our members and the wider information security community. The latest course offering is “Introduction to Cyber Security for School Professionals”.  

TopBuilt with Shorthand