Australia's Cybersecurity Crisis: Thousands of Vulnerable Assets and Outdated Protocols

Australia's Cybersecurity Crisis: Thousands of Vulnerable Assets and Outdated Protocols

Australian organisations face a significant cybersecurity challenge, with thousands of vulnerable assets and outdated protocols posing substantial risks. Tenable's recent research has uncovered alarming figures, highlighting the urgent need for improved cyber hygiene.

Over 4,000 APIs, 12,000 internet-facing assets, and more than 8,000 assets are susceptible to the Log4J vulnerability, leaving organisations exposed to potential exploitation. Moreover, over 9,500 web-based assets still use the outdated TLS 1.0 protocol, despite Microsoft disabling it in 2022. These issues stem from outdated software, weak encryption, and misconfigurations. Australia experienced a staggering 76,000 cyber attacks last year, underscoring the severity of the situation. Worryingly, only a handful of organisations have a comprehensive understanding of their complete digital footprint, with over 12,000 internal assets exposed and accessible externally.

The Log4J vulnerability, which affected numerous organisations worldwide, has underscored the importance of continuous security audits and stronger regulatory measures. However, specific organisations in Australia using outdated versions of Log4J remain unidentified. Tenable's research found that the average organisation has nearly 12,000 internet-facing assets susceptible to exploitation, with over 290,000 assets across studied organisations at risk of potential exploitation.

The prevalence of cyber hygiene issues in Australia's largest organisations is cause for concern. With thousands of vulnerable assets and outdated protocols, organisations must prioritise addressing these issues promptly to mitigate risks. Strengthening regulatory measures and continuous security audits are crucial to enhance Australia's cybersecurity posture.

Read also:

• Emergency services of the future revealed by Renault with the introduction of the Vision 4Rescue vehicle.
• SonicWall executive Michael Crean discusses the current state of managed security
• Companies exercise prudence towards AI adoption, ensuring secure implementation: Exploring safeguards and strategies.
• Stolen Brain Data of Sinner and Leclerc (Yellow chroma), previously held in China, repurposed for military training purposes.