“The ACSC has observed two distinct trends when it comes to the level of sophistication
employed by adversaries and cybercriminals. At one end of the spectrum, increasingly
sophisticated exploits are being developed and deployed against well-protected networks,
particularly government networks. This reflects investment in new tools and techniques to
keep pace with our efforts to protect networks. On the other end, the ACSC continues to
observe many adversaries, particularly criminals, compromising networks using publicly known
vulnerabilities that have known mitigations. Too many of the incidents the ACSC responds to
could have been prevented had organisations employed established and relatively straightforward
cyber security measures. WanaCry, for example, used a publicly known vulnerability
that had been patched months before and that the ACSC had publicly reported.”
READ THE FULL REPORT https://www.acsc.gov.au/publications/ACSC_Threat_Report_2017.pdf