The current cyber security threat landscape

A look at recent trends in the cyber security landscape reveals that the pandemic has exacerbated the threats to organisations – and not-for-profits are not immune from attack.
The cyber security landscape is constantly evolving, but some things never change. The current threat landscape bears the typical theme of malicious actors taking advantage of crises with a view to capitalising on them. This has been no different during the COVID-19 pandemic. This guide is an overview of some recent trends that highlight the importance of cyber security for all organisations, including not-for-profits.

Ransomware

Ransomware has affected organisations around the world and, in recent times, more so in the space of essential services and critical infrastructure. The Australian Cyber Security Centre (ACSC) noted a 15% increase in ransomware reports in the 2020-21 financial year. In May 2021, JBS Foods, a global meat and food processing company with a presence in Australia, had operations disrupted by ransomware; the same month saw an outage in the network of Colonial Pipeline, a US fuel pipeline operator. This led to the panic buying of fuel, a spike in energy prices and the declaration of a state of emergency in some US states.

Not-for-profits haven’t been spared from such attacks. The health care and social assistance sector was the second-highest reporting sector of ransomware-related incidents in Australia, according to the ACSC Cyber Threat Report 2020-21. With the health sector under pressure due to the pandemic, cyber actors viewed health organisations as more vulnerable. 

Holding organisations to ransom with malware that locks them out of their own information systems appears to be the preferred method of cybercriminals. Malicious actors use personal information found on social networks, along with other social engineering tactics, to launch phishing and spear phishing attacks that deploy ransomware. Phishing-style compromises tend to originate via email, messaging applications and SMS. One common technique is ‘double extortion’, where a ransom payment is demanded to unlock encrypted data, and then a second payment is demanded to ensure the data is not released into the public domain.

The exploitation of publicly reported security vulnerabilities in applications and IT systems allows state-sponsored and cybercriminal actors to act quickly and catch organisations by surprise. Successful infiltration of IT networks results in stolen data and compromised personal accounts. This kind of attack will continue to be used for improper gain as online technologies extend into all facets of life, including Internet of Things devices.

Supply chains

As networks and supply chains bind us ever closer together, supply chain compromise will continue to be a means by which malicious actors compromise organisations, particularly via third parties such as suppliers or contractors.

This type of cyber attack can succeed even against organisations that have basic cyber hygiene practices in place, and it gives cybercriminals a path to affect many organisations at scale through a single supplier compromise.

Business email compromise

Business email compromise (BEC) refers to cybercriminals impersonating a stakeholder such as a supplier or staff member to scam an organisation. It can result in the loss of funds or products. More than 4,600 BEC scams cumulatively worth over $81 million in losses occurred in Australia in the financial year 2020-21. While BEC scams have impacted organisations for years, these scams have become more prevalent and more successful during the pandemic. The shift to remote work means staff are less able to personally verify email requests with colleagues than they would have been when staff worked alongside each other. Organisations purchasing pandemic-related supplies have been especially targeted by these scams.

Data privacy breaches

Data privacy breach trends from the Office of the Australian Information Commissioner (OAIC) Notifiable Data Breach report (Jan-June 2021) indicate that criminal attacks were the primary source of data breaches reported, with human error and system faults being the other major sources. Phishing, ransomware and compromised/stolen usernames and passwords were the main causes of these data breaches. The health sector in Australia remains the sector with the highest reporting rate of data breaches. The most common types of personal information involved in a data breach are an individual’s identity information, contact details and financial information.

Improving security practices within organisations to uphold data privacy is key to bolstering digital trust and driving the protection of personal information.

What to do to keep your organisation secure

The advice for organisations to protect themselves against these threats consists of tried and true methods:

  • Know where sensitive or valuable information is located and apply appropriate measures for protection from a process and technical perspective.
  • Train staff on how to recognise phishing attempts, use passphrases and have processes in place to prevent business email compromise scams.
  • Know who your key suppliers are in terms of the risk profile they present: what they do for your organisation and their link to your key business processes. Ask cyber security questions of your suppliers and ensure supplier contracts include expectations to maintain the security of your information and other measures such as data backups, where applicable.
  • Have a cyber security incident response plan that outlines roles and responsibilities and steps you would take in the event of a cyber security incident. Report cyber security incidents via ReportCyber to assist the ACSC with understanding the Australian cyber threat environment.
  • Implement the ACSC Essential 8 mitigation strategies as a primary technical mechanism to prevent and reduce the impact of a cyber security incident. These measures include employing multi-factor authentication and keeping IT systems and applications up to date. 

Learn more

The ACSC has a series of personal security guides available with information on how to protect yourself from cybercrime. We all have a role to play in securing our digital environment and being cyber smart. For more information on the basics to have in place to secure your organisation refer to our guide on the domains of cyber security.
