By Dr Carolyn Patteson, Executive Manager, CERT Australia
The cyber threat is real and ever present – and every business is at risk. Australia’s security and intelligence agencies have stated publicly that we are experiencing increasingly sophisticated attacks on networks and systems in both Government and business.
The cyber threat comes from a range of sources, including individuals, issue-motivated groups, organised criminal syndicates, and the intelligence services of some foreign governments. The motives for cyber incidents include corporate attack, illicit financial gain, political and protest issues, personal grievance (a disgruntled employee or customer), and issue motivated hactivists.
A cyber attack can be very disruptive, having a huge financial impact on a business and also harming its professional reputation. As the national computer emergency response team, CERT Australia in the Australian Attorney- General’s Department, is the single point of contact for cyber security issues affecting major Australian businesses.
In 2012, there were close to 7,300 incidents reported to CERT Australia. By mid-August 2013, around 8,500 incidents had already been reported. Many of these are categorised as less severe, such as scans of firewalls or websites. However, at the higher end, there are both broadbased and targeted attacks. For example, there have been an increasing number of businesses under pressure from distributed denial-of-service (DDoS) attacks, where the instigator demands payment to stop the attack or ‘cease fire’. This method of extortion is not new – but it is becoming more frequent. This is due to the ease with which people can access attack tools and services from online criminal groups. It is also due to the growing reliance of companies on their customer facing web services, now an essential part of business.
Another common method of attack is to target senior executives, often through their direct support staff. This generally involves a well-crafted email message – one that is topical without any tell-tale mistakes. It is the links and attached files in the emails that are the first point of entry into a target network. This is particularly effective in businesses where cyber vigilance is not part of the culture – and where busy executives and their assistants are barraged by a large number of emails every day. These businesses are targeted for their intellectual property or financial information. Read More
