Cybersecurity Resources

This page is dedicated to advancing baseline cybersecurity awareness for neurodivergent individuals, and the broader community. You may recognise content from our online cyber awareness series ‘Safe Mode’.

Our cybersecurity resources are helping to keep you safe, leveraging the expertise of Untapped Cyber, the full spectrum of cybersecurity practices. Untapped Cyber is founded on the principles of creating a sustainable cybersecurity workforce for neurodiverse, First Nations, veterans and returning-employees, especially women and carers.

If you are interested in learning more about Untapped’s cybersecurity resources and services, please email: contact@untapped-talent.com

 
The average self-reported cost of cybercrime in 2023-24 is $30,700
— ASD Cyber Threat Report, 2024
 

Contents 

  1. What is Cybersecurity? 

  2. Common types of cybersecurity threats 

  3. Best practices for individuals and organisations 

  4. Additional resources 

  5. Careers 


 

1. What is Cybersecurity? 

Cybersecurity is the practices, policies, and technologies in place to prevent and mitigate cyberattacks. Cybersecurity aims to protect computers, networks, programs, and data from damage or unauthorised access. 

Just like we lock doors to keep burglars out of our home, cybersecurity locks them out of our accounts and devices. 


 

2. Common types of cybersecurity threats 

Social Engineering:  

Social engineering is the methods used to impersonate or manipulate individuals into carrying out specific actions. Social engineering may involve messages or emails that are sent by malicious actors in attempts to direct users to perform specific actions, such as visiting a website, downloading a file, or opening an attachment. Malicious actors will often go to lengths to make their messages appear legitimate and trustworthy. 

 

Phishing: 

Phishing is a method that cybercriminals employ to trick you into giving them personal information. You may be sent fraudulent emails, texts, and links from individuals posing as large organisation you know or trust. e.g. a fake bank or organisation asking you to click on a link. 

If a phishing attempt is suspected, it is critical that you report this activity and do not click on any links or attachments. 

 

Spear-Phishing: 

Spear-phishing is when the messages to the recipient are highly targeted and tailored. It may mention:  

  • Your Name 

  • Interests 

  • Friends/Family 

AI enhanced social engineering allows low capability actors to generate more labour-intensive activities – such as spear phishing 

 

Phishing (Vishing): 

Vishing is a recent phenomenon where criminals employ a video phishing scam. Cybercriminals can use AI-generated deepfakes to trick you into performing actions by disguising themselves as colleagues via digital conference calls. 

 

Malware: 

Malware (malicious software) is any software or program that is designed to bring harm to a system, or gain unauthorised access to computers, networks, clients, and servers. Malware attacks can have severe and ongoing impacts on individuals and organisations. Malware can be distributed in ways such as: 

  • Spam email and messages  

  • Malicious websites  

  • Posing as trusted applications  

  • Exploiting software vulnerabilities 

Malware can come in many different shapes and sizes, such as: 

 

Viruses: A type of malware which attaches itself to a file’s code and then starts running whenever the file is opened.  

Worms: Standalone programs that can spread themselves between computers and can have many different payloads. Viruses and worms can both steal your information, download and install other harmful files, or even delete your files. 

Ransomware: A type of malware that enters your device and encrypts all your files, preventing your access. The attacker then demands a ransom to be paid to restore access to the files. 

Trojans: Programs that appear purposeful and useful to the user, although they operate maliciously when operated. Trojans can perform actions hidden from the user and steal information, download harmful files, and even create a ‘backdoor’ into your device. 


 

3. Best practices for individuals and organisations 

This section is dedicated to sharing some of easiest, and best practices that you can adopt now to stay safe online.  

 

Setup Multi-Factor Authentication (MFA): 

Multi-Factor Authentication (MFA) is a simple way to prove your identity when you sign into an account. It requires 2 or more authenticator options to be able to sign in. MFA can include using your login details (username and password) as well as an authentication code to access your account. This makes it harder for someone else to access your online accounts as they need both proofs of identity. MFA can be thought of as adding additional locks to the front door of your account. 

 

Regular Software Updates: 

Software updates are better, and improved versions of software or apps on your device. By installing software updates regularly, you can help improve your security. Check that automatic updates is turned on, so you can be notified when an update is available. 

When a company finds a weakness in its software, it releases an update (or “patch”) to fix it – like adding a stronger lock to your front door. The longer you don’t update your software, the more exposed you could be to a cyber-attack. 

 

Strong and Unique Passphrases:

Passphrases can be thought of as more complex and secure passwords. A passphrase is a string of words that may include spaces or special characters (e.g., ‘red house sky train’). Passphrases are most effective when they are long, unpredictable, and unique. 

Sometimes MFA may not be available, meaning a strong passphrase can be the only barrier to your valuable information and accounts. You should aim to make a passphrase unpredictable with at least four, random words. 

Passphrases are preferred over traditional passwords as they generally have more entropy and are therefore more secure. Password entropy is the measurement of how unpredictable, and subsequently unguessable, a password is. 

 

Backup files: 

Backups are digital copies of your important data such as photos, documents, financial records and other files. If your data is lost or damaged, a backup can be used to restore it. Backups can be on both physical media and/or the cloud. 

Regular data backups can protect against hardware failures, theft, or malware that make recovering data expensive and sometimes impossible.  

Securing a backup solution with MFA ensures nobody else can get access even if cybercriminals compromise your password. 


 

 4. Additional resources: 

 For those who would like to deepen their understanding of cybersecurity and stay protected online. 

 

Genius Armoury Free Cybersecurity Education:

 
 

Untapped Cybersecurity Services:

 
 

Cyber, Australian Signals Directorate:

 
 

If you are a victim to a cybercrime or cyber security incident, make sure you report it immediately.


 

5. Careers: 

If you’re interested in a career in cybersecurity, Genius Armoury is a great place to start. 

 
 

Neurodivergent individuals can have excellent memory, ability to see patterns, great attention to detail, and ability to focus on tasks for prolonged periods – all perfect for cybersecurity! 

Genius Armoury offers a range of courses to help introduce people to cybersecurity, exploring some of the fundamentals of coding, threats and exploits, networking and more. Genius Armoury can help you identify and prepare you for exciting career opportunities towards becoming a cybersecurity professional. 

 

Start Learning Now: https://geniusarmoury.com/