Russian Hack: Make Security Great Again!


ASM_Mag, feb-mar 2017 Cover“There is a major war brewing, a war that’s already global. Every day that we refuse to look at this as what it is — and the scale of it, and really the viciousness of it — will be a day where you will rue that we didn’t act.” Stephen K. Bannon, 2014 discussing the Islamic State Caliphate. Bannon is now the White House Chief Strategist to US President Donald Trump.

Having an understanding of ‘security’, as both an applied science, as well as an outcome, conjures up an appreciation of human weakness and technical vulnerabilities. Security is also as much a human feeling, as is love and fear. Indeed, feelings of security often sits alongside both, but alongside fear it can be politicised and manipulated, potentially becoming very dangerous. As Prince Charles said recently, “the horrific lessons of the last War seem to be in increasing danger of being forgotten.”

Fear is why the public reacts strongly with reassurance to political statements of security around the ‘threat of terrorism’, yet ignores the scores of daily murders and shootings caused as a result of domestic violence and organised crime. Or why US President Donald Trump would prefer to cause worldwide disruption by banning ‘terrorist’ countries, despite reports that none of the seven listed countries have been a direct source of any terrorists, and the ones that do show up repeatedly as a source — especially Pakistan, Saudi Arabia, and Egypt — aren’t on the list. The order on ‘protecting’ Americans from terror attacks also ignores the thousands kills by American guns – over 15,000 gun related deaths in 2016. Yet, it is the very same reason why the NSW Government creates a position for a new Minister for Counter Terrorism, a week following a public admission from the NSW Crime Commission that they have ‘lost the war on drugs.’

As I wrote in my last editorial of 2016, the trends of last year were surely enough to indicate that 2017 is going to be a fascinating year in a security context. The impact of the new US President Donald Trump has been immediate and intense. China is clearly making it known that it will not budge if pushed or tested on the militarisation of the South China Sea – they now have air, land and maritime control of their claimed sovereign territory. Sanctions and military rhetoric has also intensified with Iran and the conflict in Ukraine continues, testing NATO’s patience and the relationship between the US and the European Council. Much of this is unprecedented and unpredictable – to say the least! Prepare for continued fundamental shifts in world affairs, prepare for expanding military conflict and prepare for these events to have a major impact on Australia and across the Asia Pacific.

In this issue, we cover the Russian Hack which is confirmed to have been designed to manipulate the federal election of the world’s most dominant democracy and could well be the defining element in modern human history if Trump continues unabated. Also, highlighted in our interview with David Shearer, CEO of ISC2, “cybersecurity has been increasingly regarded as a strategic international issue affecting all levels of society.” Ryan Linn, Director of Advanced Threats and Countermeasures at Nuix, writes, “cybersecurity is just now becoming a talking point in Australia. For various reasons, I don’t think Australia is quite there yet.” This should be concerning.

Nation states and sponsored operatives will use cyber espionage more and more to cause political shifts, disruption, and to gain economic advantage. The inherent weaknesses of email, means it is critical that organisations take proactive measures to secure themselves from simple phishing emails right through to impersonation and weaponised attachments. Malware can be easily bought online, meaning that criminals with little to no computer skills are free to send infected emails. It is also vital that organisations look to train employees to be and remain alert as the gatekeepers into an organisation. This extends to the CEO, CFO and Board Chair. It is the top down approach most needed.

It is also incumbent on all security professionals, be they in the physical or cyber domain to come together and multi-skill – this requires the state regulators to recognize it is 2017 and a new world – the continued disparity in security industry state regulation and federal legislation yet to pass on mandatory data breach disclosure are both signals Australia remains a long way behind and at risk of succumbing to cyber warfare, espionage and cybercrime adversaries, as well as planned and opportunistic terror attacks. But worse is the continued horror of domestic violence killings and drug wars lost across the country but no political will, or even a capacity, to deal with it.

To demonstrate our commitment to the security domain and the urgently needed focus on cybersecurity, MySecurity Media is launching the Australian Cyber Security Magazine in 2017 – this will be published alongside our existing channels. This edition remains strongly influenced by the cybersecurity threat but we also cover vehicle borne terror attacks, city wide technologies and my book review of Bruce Schneier’s book, Data and Goliath questions the mass surveillance approach, particularly in light of my review of the Canalys Channels Partner ‘Digital First’ Forum in Macau, which highlights the European Union General Data Protection Regulations (GDPR) entering into application in 2018. The wider implications of the GDPR are focused on data privacy controls without country or regional boundaries. This is reflecting the nature of data flows, new technologies and the creative and disruptive business models emerging in new digital economies. How Australia and the APAC region fairs in 2017 politically, economically and technologically is yet to be seen but we’re surely in for an interesting and challenging ride. I doubt we’re sufficiently prepared or have ready the needed public mindset which resists fear and remains security aware.

And on that note, as always, we provide plenty of thought provoking material and there is so much more to
touch on. Stay tuned with us as we continue to explore, educate, entertain and most importantly, engage.

Chris-CubbageChris Cubbage

Executive Editor