The NCSC uses threat condition levels to provide a status of the situation of possible organised cyber-attacks against PNG departments and public entities.
The levels are changed on the discretion of the NCSC Manager, based on consideration of:
- threat intelligence reports
- political situations, and
- monitored activities.
The NCSC uses four threat condition levels, listed here in order of low to high:
- Normal: Green status; there is no expected or observed organised cyber-attack to occur.
- Elevated: Yellow status; there is a low possibility of an organised cyber incident occurring to organisations. Organisations are warned and to conduct reviews that systems and measures are in place. Elevation may occur due to a number of reasons (not limited to the following):
- armed conflicts by nations with possible collateral attacks from offensive cyber capabilities
- increased levels of botnet activities, and
- detected attacks against the NCSC
- High: Orange status; there is a strong possibility of an organised attack to occur against organisations. This will occur when the situation from Elevated has escalated or reported from credible sources. PNG organisations are recommended to make preparations to defend a cyber incident.
- Critical: Red status, imminent or an in progress cyber incidents against an organisation.
The below alerts are provided by US-CERT which display up to date information about current security threats, vulnerabilities and exploits. Additionally, you can find the UK NCSC weekly threat reports below to stay up to date.