Security incidents going unreported: CERT Australia

Forty-four per cent of respondents did not report cyber security issues to law enforcement agencies

Computer Emergency Response Team (CERT) Australia has called for more Australian organisations to report cyber security issues to the police following the results of its annual survey.

The Cyber Crime and Security Survey 2012 received responses about cyber security preparedness from 255 companies, which partner with CERT Australia. According to the survey, 44 per cent of respondents did not report cyber security incidents to law enforcement agencies such as the Australian Federal Police (AFP).

When asked why they had chosen not to file a report, 74 per cent stated that they did not think the incident warranted investigation.

In addition, 35 per cent of respondents wrote that they did not believe law enforcement agencies had the capability to conduct an investigation while another 26 per cent believed the cyber criminal would never get caught.

Companies still unprepared for cyber attacks: Deloitte

Election 2013: Coalition should keep Australian cyber security centre says academic

Australian Cyber Security centre deemed new government hub

Of the companies who did report one or more incidents, 44 per cent were filed with a law enforcement agency while 29 per cent contacted CERT.

“Out of those respondents who did report a cyber security incident to law enforcement, 33 per cent stated that it was their understanding the incident was not investigated and 29 per cent stated they did not know the outcome from the referral, while 8 per cent of matters referred to law enforcement were reported to have resulted in a person being charged,” the survey said.

“These findings highlight that the CERT needs to articulate to business the benefits of reporting cyber security incidents to CERT Australia and to law enforcement, and that all information provided to the CERT is held in the strictest confidence.”

Cyber incidents

Turning to the type of cyber security incidents companies experienced, theft of a notebook, tablet or mobile device was the most common security issue with 32 per cent reporting that this occurred.

Viruses or worm infections were experienced by 28 per cent of respondents while Trojans/rootkit malware affected 21 per cent of businesses.

Unauthorised access and breach of confidential information were reported by 18 and 17 per cent of respondents. In addition, 16 per cent of companies experienced denial-of-service attacks.

Of the respondents who knew they had suffered an electronic attack, 71 per cent reported they had been subject to between one and five external attacks, whilst 44 per cent reported they had been subject to one or more internal attacks.


Turning to the computer security technologies used by organisations, more than 90 per cent of respondents indicated that they use antivirus software, spam filters, and firewalls.

In addition, more than 80 per cent said that they use access control and virtual private networks (VPNs) while 60 per cent use intrusion detection systems (IDS).

Almost half of respondents had deployed reusable passwords and multifactor authentication technologies such as biometrics, smartcards and tokens.

Security policies

The survey also found that basic security policies are being applied by the majority of surveyed organisations. For example, 84 per cent deploy user access management while 73 per cent have external network access control.

However, CERT Australia reported that there are still areas for improvement. Less than half of respondents had plans in place for the management of removable computer media, such as USB sticks, and less than 25 per cent had policies and procedures in place for using cryptographic controls.

Only 12 per cent of respondents reported having a forensic plan in place. According to CERT Australia, these plans help monitor use of the ICT systems, provide mechanisms to recover lost data, and provide ways to protect information on systems.


While there were still areas for improvement with security policies, the survey did find that 52 per cent of respondents had increased their IT security expenditure in the previous 12 months.

“While it is unknown where this expenditure was directed within an organisation, it is a positive step demonstrating the need for continual investment in information security,” read the report.

Forty-two per cent had not increased their spending and 6 per cent did not know if their spending had increased or decreased.

About 11 industry sectors took part in the CERT Australia survey, with the greatest representation coming from energy (17 per cent), defence industry (15 per cent), communications (12 per cent), banking and finance (9 per cent).

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the CSO newsletter!

Error: Please check your email address.

Tags online securityauscertsecurity budgetsinformation securitycert australiaCyber Crime and Security Survey 2012

More about Australian Federal PoliceCERT AustraliaComputer Emergency Response TeamFederal PoliceTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place