Inside AusCERT's Cybercrime Symposium

Powered by SC Magazine
 

Australia's InfoSec stakeholders rub shoulders.

Combating online banking fraud requires the banks, various law enforcement agencies, CERTs and sometimes related parties (such as telcos and ISPs) to share information on new threats and mitigation strategies.

But just because a given individual wears the badge for one of these organisations, it doesn't immediately foster trust. The sharing of data – often sensitive to the organisation that has collected it – requires strong relationships at the highest levels.

The AusCERT Cybercrime Symposium, held on the Sunday before the annual AusCERT conference on the Gold Coast, is one attempt to encourage these connections.

Complete coverage of AusCERT 2012

At this year's event, members of anti-fraud teams from Australia's major banks, government agencies, law enforcement, security vendors and stakeholders in critical infrastructure gathered together in closed-door sessions to continue to work through industry issues and build trust.

The sessions aim to share information on the nature and impact of online crime and what tools the black hats are using. It also takes a look at what initiatives various stakeholders can collectively deploy to secure essential systems against attack.

SC Magazine spoke to two of the presenters at the Symposium in the lead-up to the event to give AusCERT attendees a flavour of what gets discussed behind the closed doors.

For Shaun Vlassis, a cybercrime expert with the Commonwealth Bank's CBAcert , the event is all about developing and nurturing trust relationships.

"My main aim at the symposium is to share the knowledge and experience we have through monitoring and actively mitigating online fraud against our customers on a daily basis," he told SC.

The event allows attendees to "put names to faces" for future collaboration, he said.

"It builds heavily on trust, which underpins a lot of the collaboration we do," he said. "In a lot of cases, unless you have shared a beer with someone you will not get the same level of interaction as you would get otherwise."

Fellow presenter Jake Lambert, a technical account manager at security vendor Vasco, will use the event to divulge information on upcoming products the company is working on, well before their release date.

"It's good for us to bounce new things out in the market by those at the front line," he said.
"End users are not able to protect themselves while on the internet from the threat of malware," Vlassis said. "However it is the merging of many threats, not just malware, that allows a criminal to enjoy some level of success."

Unfortunately that means no journalists – not even SC – are allowed in.

Lambert said there are "new weapons in the arsenal to make it harder" for cybercriminals to succeed.

"Even if they have compromised your information, these solutions aim to prevent them doing any damage," he said.

He boasts that implementation of these next generation tools could yield up to a 50 percent decrease in online banking fraud.

Assessing the threat level

This year, Vlassis doesn't expect much surprising data on the types of threats the industry faces.

From a technology perspective, the malware designed to defraud online banking customers has not changed significantly in recent years, he said.

Technology solutions such as two-factor authentication and voice biometrics have "covered the 99 percent" of issues.

For the remainder, cybercriminals must now employ a range of social engineering techniques to achieve their goals. This requires more dedication and sophistication than in the past - both on the part of attackers and those charged with security systems.

"You'll always get someone that clicks on a link or takes in a trojan from a web site," Vlassis said. "It is the merging of many threats into one that allows a criminal to enjoy some level of success."

But there are some questions – unanswered in public forums – about the volume of attacks. The closed-door sessions at AusCERT give stakeholders the opportunity to gather some trusted numbers and real-world scenarios to more accurately gauge threat levels.

It's a far more trusted alternative to the cybercrime statistics bandied about by security vendors and even government departments. Two economists, sponsored by Microsoft, recently voiced their doubts on the severity of cybercrime in a report published in the New York Times, and both Vlassis and Lambert agree that there is a tendency for the threat to be over-stated.

"When considering the numbers on losses, you always need to consider which organisation generated the stats," Vlassis said. "This level of information [is] not being shared openly – you certainly won't see it in a news article. Some of the statistics, from quarterly or annual security vendor updates, are calculated in terms of 'potential exposure', on the basis of the average size of an account and number of accounts and not actual losses."

Vlassis expects his peers in the Symposium to report that the threat continues to increase. There were an unprecedented number of attacks over the past 12 months across all industries, he said, highlighting the apparent ease with which groups like LulzSec and Anonymous illustrated how even the largest of institutions could be compromised.

"There is blood in the water," he said.

These high profile cases have only reinforced the need for stakeholders in IT security to get together and sharpen their processes.

Participants in such forums can often leverage contacts made during the symposium in times of heightened risk. Vlassis notes that international law enforcement and internet industry representatives, often invited to these forums, might be called upon at a latter date if a phishing site hosted in their region is found to be collecting information on Australian customers, for example.

There are well-publicised examples of stakeholders coming together to approach a particularly menacing threat. Microsoft pulled together a working group in 2009, for example, to tackle the Conficker worm. This group included domain name authorities, ISPs, IT security vendors, academia and other independent researchers.

While the worm ultimately continues to impact organisations, the working group's legacy has been greater information sharing between stakeholders. It has published tools to check whether systems are infected, repair tools and a report on the lessons learned from mitigating the threat.

Vlassis noted the Conficker Working Group as an example of where industry collaboration can yield measurable results.

"It's always good to talk to like-minded people in our community – to find out what the industry is doing," Lambert says. "I hope to meet some other security experts that share common goals."
"[The Symposium] has been extremely successful over the years," Vlassis agreed. "I'm looking forward to participating."

Copyright © SC Magazine, Australia


Inside AusCERT's Cybercrime Symposium
 
 
 
Top Stories
Frugality as a service: the Amazon story
Behind the scenes, Amazon Web Services is one lean machine.
 
Negotiating with the cloud email megavendors
[Blog post] Lessons from Woolworths’ mammoth migration.
 
Qld govt to move up to 149k staff onto Office 365
Australia's largest deployment, outside of the universities.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

The great data centre opportunity on Australia's doorstep
The great data centre opportunity on Australia's doorstep
Scott Noteboom, CEO of LitBit speaking at The Australian Data Centre Strategy Summit 2014 in the Gold Coast, Queensland, Australia. http://bit.ly/1qpxVfV Scott Noteboom is a data centre engineer who led builds for Apple and Yahoo in the earliest days of the cloud, and who now eyes Asia as the next big opportunity. Read more: http://www.itnews.com.au/News/372482,how-do-we-serve-three-billion-new-internet-users.aspx#ixzz2yNLmMG5C
Interview: Karl Maftoum, CIO, ACMA
Interview: Karl Maftoum, CIO, ACMA
To COTS or not to COTS? iTnews asks Karl Maftoum, CIO of the ACMA, at the CIO Strategy Summit.
Susan Sly: What is the Role of the CIO?
Susan Sly: What is the Role of the CIO?
AEMO chief information officer Susan Sly calls for more collaboration among Australia's technology leaders at the CIO Strategy Summit.
Meet the 2014 Finance CIO of the Year
Meet the 2014 Finance CIO of the Year
Credit Union Australia's David Gee awarded Finance CIO of the Year at the iTnews Benchmark Awards.
Meet the 2014 Retail CIO of the Year
Meet the 2014 Retail CIO of the Year
Damon Rees named Retail CIO of the Year at the iTnews Benchmark Awards for his work at Woolworths.
Robyn Elliott named the 2014 Utilities CIO of the Year
Robyn Elliott named the 2014 Utilities CIO of the Year
Acting Foxtel CIO David Marks accepts an iTnews Benchmark Award on behalf of Robyn Elliott.
Meet the 2014 Industrial CIO of the Year
Meet the 2014 Industrial CIO of the Year
Sanjay Mehta named Industrial CIO of the Year at the iTnews Benchmark Awards for his work at ConocoPhillips.
Meet the 2014 Healthcare CIO of the Year
Meet the 2014 Healthcare CIO of the Year
Greg Wells named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at NSW Health.
Meet the 2014 Education CIO of the Year
Meet the 2014 Education CIO of the Year
William Confalonieri named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at Deakin University.
Meet the 2014 Government CIO of the Year
Meet the 2014 Government CIO of the Year
David Johnson named Government CIO of the Year at the iTnews Benchmark Awards for his work at the Queensland Police Service.
Q and A: Coalition Broadband Policy
Q and A: Coalition Broadband Policy
Malcolm Turnbull and Tony Abbott discuss the Coalition's broadband policy with the press.
AFP scalps hacker 'leader' inside Australia's IT ranks.
AFP scalps hacker 'leader' inside Australia's IT ranks.
The Australian Federal Police have arrested a Sydney-based IT security professional for hacking a government website.
NBN Petition Delivered To Turnbull's Office
NBN Petition Delivered To Turnbull's Office
UTS CIO: IT teams of the future
UTS CIO: IT teams of the future
UTS CIO Chrissy Burns talks data.
New UTS Building: the IT within
New UTS Building: the IT within
The IT behind tomorrow's universities.
iTnews' NBN Panel
iTnews' NBN Panel
Is your enterprise NBN-ready?
Introducing iTnews Labs
Introducing iTnews Labs
See a timelapse of the iTnews labs being unboxed, set up and switched on! iTnews will produce independent testing of the latest enterprise software to hit the market after installing a purpose-built test lab in Sydney. Watch the installation of two DL380p servers, two HP StoreVirtual 4330 storage arrays and two HP ProCurve 2920 switches.
The True Cost of BYOD
The True Cost of BYOD
iTnews' Brett Winterford gives attendees of the first 'Touch Tomorrow' event in Brisbane a brief look at his research into enterprise mobility. What are the use cases and how can they be quantified? What price should you expect to pay for securing mobile access to corporate applications? What's coming around the corner?
Ghost clouds
Ghost clouds
ACMA chair Chris Chapman says there is uncertainty over whether certain classes of cloud service providers are caught by regulations.
Was the Snowden leak inevitable?
Was the Snowden leak inevitable?
Privacy experts David Vaile (UNSW Cyberspace Law and Policy Centre) and Craig Scroggie (CEO, NextDC) claim they were not surprised by the Snowden leaks about the NSA's PRISM program.
Latest Comments
Polls
Which bank is most likely to suffer an RBS-style meltdown?





   |   View results
ANZ
  21%
 
Bankwest
  9%
 
CommBank
  11%
 
National Australia Bank
  17%
 
Suncorp
  24%
 
Westpac
  19%
TOTAL VOTES: 1449

Vote