A new report has found that fifty-one critical infrastructure operators in Australia have been breached in the last year, with nine losing proprietary information.
The Cyber Crime and Security Survey Report (pdf), commissioned by CERT (Computer Emergency Response Team) Australia and authored by the Centre for Internet Safety, received 255 responses from organisations operating systems of national interest. The organisations came from sectors including energy and water utilities, defence, communications and finance.
Ten of those breached organisations had experienced more than 10 breaches in the last year.
Most breaches were due to theft of devices, automated hack tools, software vulnerabilities, and misconfigured operating systems, applications or network devices.
Twenty-two breaches were caused internally, the same number as the organisations that reported attacks to police.
Ten kept the incident quiet "because of the fear of negative publicity" and 36 did not think the attacks warranted law enforcement investigation.
Of those organisations which reported breaches, eight claimed the incidents were not investigated, ten did not know the outcome of an investigation, and four reported a person was charged as a result.
Most surveyed organisations had standard security technologies in place while 153 had intrusion detection systems. Two-thirds possessed documented incident management plans, but only 31 had forensic plans in place.
Half of the organisations increased security spend over the last year and considered attacks against them to be targeted.
Most respondents from the energy, water and transport sectors said they were part of the Federal Government's Trusted Information Sharing Network (TISN), housed within the Attorney General's Department alongside CERT Australia.
The TISN was a platform for organisations of national interest to share information about their networks with the agency under non-disclosure agreements in return for non-public security intelligence. The initiative aimed to provide the Federal Government with good insight into potential vulnerabilities in critical infrastructure networks, and to make operators more resilient.