Analysis of COVID-19 Cyber Threats and Mitigation Strategies

This report provides a detailed analysis of the Threat Update COVID-19 Malicious Cyber Activity case study. It begins by identifying and examining various types of malicious cyber activities, including banking-themed SMS phishing campaigns, phishing emails, and IT helpdesk scams, as identified by the ACSC. The report then categorizes organizational assets, encompassing people, procedures, data and information, software, hardware, and networking. Subsequently, it identifies and prioritizes threats associated with each asset type, justifying the prioritization methods used. Finally, the report analyzes the ACSC's proposed mitigation strategies, linking them to fundamental security principles such as layering, limiting, diversity, obscurity, and simplicity. The analysis aims to provide a comprehensive understanding of the cyber threats and effective mitigation approaches during the COVID-19 pandemic.