Cyber threats and business-government engagement

Powered by SC Magazine
 

A view from Australia’s national CERT.

Australian information systems hold substantial data that is of interest to a broad range of cyber actors. These actors may seek illicit access to information for financial reward or strategic advantage, they may intend harm to an organisation, individual or country, or may aim to embarrass whoever is responsible for keeping important information safe.

One of the major strengths of the Internet is that it facilitates access to information from anywhere at any time. But this is also an inherent weakness. Insecure storage and use of access credentials can increase the vulnerability of networks to remote access attacks. And broader confidence and trust in remote access can be undermined by high profile compromises of certificate authorities and security providers.

The cyber environment permits the rapid transfer of tools and techniques among different actors. While one tool or capability might initially be developed by a State or other sophisticated group, once it has been used in the general environment, it can be exploited by others – including through the use of sophisticated zero day exploits.

But while zero-day vulnerabilities are exploited in some specific attacks (Stuxnet and Duqu are examples), the majority of attacks take advantage of well-known, and previously patched vulnerabilities. Microsoft reports that less than 1 per cent of all attacks observed from January-June 2011 took advantage of zero day vulnerabilities. Many cyber attacks come straight through the ‘front door’, via well-crafted emails containing a malicious attachment or link to a malicious file. 

The proliferation of mobile devices and applications poses additional challenges. The rush to connect new devices and use new applications must be matched by appropriate security measures to minimise threats from additional exposure of an organisation’s systems and data.

For example, the iPhone application for remote access to a control system human machine interface (HMI), allows remote access changes to be made to control systems. While the process for developing secure software is undoubtedly improving, it is far from mature. Organisations need to be aware of potential new vulnerabilities when deploying such technology, rather than simply deploying an “app” because it is available.

Frequently, cyber attackers target trusted websites to increase the impact of their work. By compromising reputable sites with malicious content, such as malware, attackers can also affect the computers of those who visit these sites (including gaining access or control).

Recent examples include drive-by downloads on the Herald Sun website and SBS Tour de France results pages. This method of attack circumvents standard security practices to “only visit trusted sites/links” and can undermine broader confidence in the security of the Internet. 

More harm than good?

Breaches of cyber security can result in the exploitation and destruction of data and the disruption of business operations. The consequences of such compromises vary depending upon the nature of the intrusion and the role of the target business. Some security incidents may be catastrophic, as was the case for DigiNotar and Distribute.IT.

In other cases they may result in significant financial and opportunity cost, for example when two US Department of Energy (DOE)-related research laboratories were targeted in July 2011. The response to these intrusions included severing all DOE Internet connectivity for two weeks. A report released by DOE in October 2011 estimated that the cost of the intrusions exceeded $USD 2 million. 

Other potential consequences of cyber incidents include loss of identity or financial information, trade secrets or business process knowledge, or the exposure of bargaining positions to competitors. Where cyber security incidents involve the compromise of systems used to control physical process, there is also the potential for these events to have kinetic consequences. 

A cyber security partnership

The range and pervasive nature of cyber threats means that no single organisation can adequately recognise and counter them. Effective cyber security requires cooperation and collaboration between business and government.

By working together, Australian businesses and government can increase their respective and combined understanding and awareness of cyber security threats, better positioning both for prevention and incident response. As the national computer emergency response team, CERT Australia, within the Attorney-General’s Department, sits at the centre of government engagement with business on cyber security. 

The Australian Government’s Cyber Security Strategy defines the most critical Australian businesses as Systems of National Interest; those which, if rendered unavailable or otherwise compromised, could cause significant harm to Australia’s economic prosperity, international competitiveness, public safety, social wellbeing or national defence and security.

CERT Australia’s engagement with business centres on those organisations that provide such services, and provides access to information not otherwise available, to support effective risk management.  

CERT Australia also provides access to specific security training; such as the Idaho National Laboratories’ training in recognising and responding to cyber attacks on Supervisory Control and Data Acquisition (SCADA) systems.  Where appropriate, CERT Australia can provide direct technical assistance in response to a cyber intrusion. 

CERT Australia encourages all Australian businesses to use the list of the Top 35 strategies for mitigating targeted cyber intrusions released by the Australian Defence Signals Directorate. The top four recommendations are assessed to have mitigated over 80per cent of intrusions responded to by DSD. 

CERT Australia can be contacted on its hotline (1300 172 499), or email info@cert.gov.au by Australian businesses in the event of a cyber security incident.

Copyright © SC Magazine, Australia


Cyber threats and business-government engagement
 
 
 
Top Stories
Hockey flags billion-dollar Centrelink mainframe replacement
Claims 30 year-old tech is holding Govt back.
 
Ombudsman wants to monitor warrantless metadata access
Requests ability to report publicly.
 
Frugality as a service: the Amazon story
Behind the scenes, Amazon Web Services is one lean machine.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

The great data centre opportunity on Australia's doorstep
The great data centre opportunity on Australia's doorstep
Scott Noteboom, CEO of LitBit speaking at The Australian Data Centre Strategy Summit 2014 in the Gold Coast, Queensland, Australia. http://bit.ly/1qpxVfV Scott Noteboom is a data centre engineer who led builds for Apple and Yahoo in the earliest days of the cloud, and who now eyes Asia as the next big opportunity. Read more: http://www.itnews.com.au/News/372482,how-do-we-serve-three-billion-new-internet-users.aspx#ixzz2yNLmMG5C
Interview: Karl Maftoum, CIO, ACMA
Interview: Karl Maftoum, CIO, ACMA
To COTS or not to COTS? iTnews asks Karl Maftoum, CIO of the ACMA, at the CIO Strategy Summit.
Susan Sly: What is the Role of the CIO?
Susan Sly: What is the Role of the CIO?
AEMO chief information officer Susan Sly calls for more collaboration among Australia's technology leaders at the CIO Strategy Summit.
Meet the 2014 Finance CIO of the Year
Meet the 2014 Finance CIO of the Year
Credit Union Australia's David Gee awarded Finance CIO of the Year at the iTnews Benchmark Awards.
Meet the 2014 Retail CIO of the Year
Meet the 2014 Retail CIO of the Year
Damon Rees named Retail CIO of the Year at the iTnews Benchmark Awards for his work at Woolworths.
Robyn Elliott named the 2014 Utilities CIO of the Year
Robyn Elliott named the 2014 Utilities CIO of the Year
Acting Foxtel CIO David Marks accepts an iTnews Benchmark Award on behalf of Robyn Elliott.
Meet the 2014 Industrial CIO of the Year
Meet the 2014 Industrial CIO of the Year
Sanjay Mehta named Industrial CIO of the Year at the iTnews Benchmark Awards for his work at ConocoPhillips.
Meet the 2014 Healthcare CIO of the Year
Meet the 2014 Healthcare CIO of the Year
Greg Wells named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at NSW Health.
Meet the 2014 Education CIO of the Year
Meet the 2014 Education CIO of the Year
William Confalonieri named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at Deakin University.
Meet the 2014 Government CIO of the Year
Meet the 2014 Government CIO of the Year
David Johnson named Government CIO of the Year at the iTnews Benchmark Awards for his work at the Queensland Police Service.
Q and A: Coalition Broadband Policy
Q and A: Coalition Broadband Policy
Malcolm Turnbull and Tony Abbott discuss the Coalition's broadband policy with the press.
AFP scalps hacker 'leader' inside Australia's IT ranks.
AFP scalps hacker 'leader' inside Australia's IT ranks.
The Australian Federal Police have arrested a Sydney-based IT security professional for hacking a government website.
NBN Petition Delivered To Turnbull's Office
NBN Petition Delivered To Turnbull's Office
UTS CIO: IT teams of the future
UTS CIO: IT teams of the future
UTS CIO Chrissy Burns talks data.
New UTS Building: the IT within
New UTS Building: the IT within
The IT behind tomorrow's universities.
iTnews' NBN Panel
iTnews' NBN Panel
Is your enterprise NBN-ready?
Introducing iTnews Labs
Introducing iTnews Labs
See a timelapse of the iTnews labs being unboxed, set up and switched on! iTnews will produce independent testing of the latest enterprise software to hit the market after installing a purpose-built test lab in Sydney. Watch the installation of two DL380p servers, two HP StoreVirtual 4330 storage arrays and two HP ProCurve 2920 switches.
The True Cost of BYOD
The True Cost of BYOD
iTnews' Brett Winterford gives attendees of the first 'Touch Tomorrow' event in Brisbane a brief look at his research into enterprise mobility. What are the use cases and how can they be quantified? What price should you expect to pay for securing mobile access to corporate applications? What's coming around the corner?
Ghost clouds
Ghost clouds
ACMA chair Chris Chapman says there is uncertainty over whether certain classes of cloud service providers are caught by regulations.
Was the Snowden leak inevitable?
Was the Snowden leak inevitable?
Privacy experts David Vaile (UNSW Cyberspace Law and Policy Centre) and Craig Scroggie (CEO, NextDC) claim they were not surprised by the Snowden leaks about the NSA's PRISM program.
Latest Comments
Polls
Which bank is most likely to suffer an RBS-style meltdown?





   |   View results
ANZ
  20%
 
Bankwest
  9%
 
CommBank
  12%
 
National Australia Bank
  17%
 
Suncorp
  23%
 
Westpac
  19%
TOTAL VOTES: 1515

Vote