Catagory:Legal & Regulatory Risk

1
Bypassing the Castle Walls: Tactical Exploitation of America’s Vulnerable Grid
2
Encryption bill to give unprecedented power
3
China in breach of cyber-security pact
4
China’s main security agency linked to cyber intellectual property theft
5
Apple calls for comprehensive US privacy laws
6
Australian Government legislates to protect critical national infrastructure
7
Cost of cybercrime hits a new high according to the ACCC’s Scamwatch Report
8
US Department of Homeland Security unveils five point strategy to combat cyber risk
9
Another Facebook app leaves anonymised data of 3 million users potentially exposed
10
Family Planning NSW the latest victim of cyber attacks

Bypassing the Castle Walls: Tactical Exploitation of America’s Vulnerable Grid

By Cameron Abbott, Max Evans and Wendy Mansell

A recent Wall Street Journal Report has detailed how America’s utility grid was hacked. The Department of Homeland Security has named Russia as responsible for the overwhelmingly complex and threatening campaign.

The scheme targeted energy companies affiliated with the government and was carried out in a sophisticated manner by initially focusing on small firms within the utility supply chain.

Early techniques involved planting malware on the websites of online publications likely to be read by employees of companies within the energy sector. The hackers would lace the online publications with malicious content allowing them to steal usernames, passwords and infiltrate company systems.

A number of small firms fell victim to these tactics giving the hackers broad access to company networks. Fake emails were subsequently sent out on behalf of the affected firms containing forged and malicious Dropbox links which captured usernames, passwords and other credentials. Further they used fake personas to send emails and pretended to be job seekers, by sending resumes containing tainted attachments to energy companies.

The hackers continued this technique of sending malware emails on behalf of firms until they reached the top of the supply chain. It was reported that on at least 8 occasions the hackers infiltrated companies who had access to the industrial control systems that run the grid.

An alarming aspect was the number of affected companies that remained oblivious of the penetration. The report is a useful description of the variety of methods used to tempt employees to expose their credentials. All too easy to do. These same techniques are regularly used by more pedestrian hackers. Two factor authentication and regular password resets remain measures to limit these threats but so many organisations do not use them.

We repeatedly counsel that employees are the last line of defence for your organisation. Circulating the Report may make an interesting read to remind them of the variety of ways they can be seduced to click an incorrect link.

Encryption bill to give unprecedented power

By Cameron Abbott and Wendy Mansell

The Coalition government is attempting to pass large-scale decryption reforms which will give sweeping powers to law enforcement agencies for overt and covert computer access.

The reforms have caused significant controversy as they may force tech companies and communications providers to modify their services, creating “systemic weaknesses” for intelligence agencies to exploit. However many point out these same vulnerabilities may be utilised by criminals.

Further the potential repercussions of these reforms may undermine consumers’ privacy, safety and trust through unprecedented access to private communications. This could have anti-competitive effects, as the reputations of Australian software developers and hardware manufacturers will suffer within international markets.

At the same time, the harsh reality that terrorists and organised crime increasingly utilise these technologies to evade surveillance highlights a very clear problem for law enforcement authorities.

We won’t seek to suggest where the balance between these interests should lie, but the debate rages on. Stay tuned.

China in breach of cyber-security pact

By Cameron Abbott and Wendy Mansell

It has been a fairly turbulent week in the cyber-espionage space following accusations that China’s Ministry of Security Services is behind the surge of intellectual property theft from Australian companies.

The news that the persistent attacks on Australian IP are perhaps a State sponsored campaign by the Chinese government is concerning as it suggests that China are in breach of several international and bilateral agreements.

In 2015, an agreement was made between Chinese President Xi Jinping and former President Obama, that the U.S and China would not steal intellectual property from one another for commercial gain. This was furthered at the November 2015, G20 Summit, where the cyber-theft of IP was accepted as the norm.

Following on from this in September 2017, former Prime Minister Malcolm Turnbull and Chinese Premier Li Kequiang promised that neither country would engage in cyber-theft of intellectual property and commercial secrets.

Reports of cyber-theft declined immediately after these agreements, however in recent months they have ramped up again.

A U.S Trade Representative report released this week confirms that despite any international agreements, China has continued engaging in cyber-espionage and the theft of intellectual property. Further the report states that not only is China likely to be in breach of these agreements, but the attacks have “increased in frequency and sophistication”.

Notably in July of this year, China was linked to the cyber-breach of Australian National University. This attack was particularly disturbing given that ANU is a leading university involved in key areas of Australian technological, scientific, defence and commercial research.  It is fascinating that cyber attacks and theft are a “norm” that is accepted within our overall international relationships.  Physical acts of a similar nature would not be so easily accepted.

China’s main security agency linked to cyber intellectual property theft

By Cameron Abbott and Wendy Mansell

In April 2017, PWC, in collaboration with BAE Systems’ published a report on “Operation Cloud Hopper”, which exposed a cyber espionage campaign being conducted by a China-based threat actor. The report suggests that Operation Cloud Hopper is almost certainly the same threat actor known as “APT10”, a Chinese group thought to be behind cyber-attacks against many countries including Japan, Canada and America.

Recently it has been reported that there are links between China’s Ministry of State Security (MSS) and Operation Cloud Hopper. These allegations are from U.S based firm CrowdStrike who have recognised ties between Operation Cloud Hopper and the MSS Tianjin Bureau.

There is no confirmation that the MSS is behind the Cloud Hopper attacks, however Dr Adrian Nish, Head of Threat of Intelligence at BAE Systems said that there is “no reason to doubt” the claims.

The term “Cloud Hopper” describes a technique where cyber espionage groups “hop” from cloud storage services and infiltrate Australian IT systems. Operation Cloud Hopper is responsible for the theft of intellectual property from a number of Australian companies, primarily focused on mining, engineering and professional services firms.

In a week full of news about China activities in the region, the suggestion of state sponsored hacking thefts is a salient warning to companies that their core intellectual property assets are at risk if not well secured.

Apple calls for comprehensive US privacy laws

By Cameron Abbott and Jessica McIntosh

It’s uncomfortable to think one of the world’s biggest business leaders has this week stood up and told us all ”our own information from the everyday to the deeply personal is being weaponized against us with military efficiency” what’s more uncomfortable, these powerful words are only a small snippet of a seriously forceful and passionate speech Tim Cook delivered in Brussels on Wednesday.

Read More

Australian Government legislates to protect critical national infrastructure

By Cameron Abbott, Keely O’Dowd and Sarah Goegan

Protecting Australia’s critical infrastructure from threats is essential to Australia’s national security interests, community safety and the overall quality of life for Australians.

In March 2018, the Australian Parliament passed the Security of Critical Infrastructure Act 2018, which is due to commence on 11 July 2018. The Act imposes new obligations on operators and owners of “critical infrastructure assets” – Australia’s high risk major ports and electricity, water and gas utilities.

Read More

Cost of cybercrime hits a new high according to the ACCC’s Scamwatch Report

By Cameron Abbott and Giles Whittaker

Australians are suffering more than ever to various cyber scams, with the ACCC’s ninth annual Targeting Scams Report confirming the ACCC received more than 200,000 scam reports costing a total of roughly $340 million during 2017, a $40 million increase from 2016. Whilst this increase is attributed to a variety of different cyber scams, including investment scams which totalled $64 million, an increase of more than 8%, the second largest contributor to the $340 million total losses was from dating and romance scams which amounted to $42 million. The search for love clearly has its costs. With the average loss suffered per victim totalling $6500, these losses are not inconsequential and continue to push cybersecurity into the forefront of both individuals and businesses daily activities.

Read More

US Department of Homeland Security unveils five point strategy to combat cyber risk

By Cameron Abbott and Sarah Goegan

This week, the US Department of Homeland Security (DHS) released its Cybersecurity Strategy. The five “pillar” strategy will be executed by the DHS over the next five years, and aims to improve national cybersecurity risk management.

Read More

Another Facebook app leaves anonymised data of 3 million users potentially exposed

By Cameron Abbott and Keely O’Dowd

Recent news reports have revealed that Facebook has been hit with another data scandal.

The anonymised data of approximately 3 million Facebook users has reportedly been published on a poorly protected website. This data was originally collected via a Facebook quiz app called “myPersonality”. The myPersonality app was developed as part of the “myPersonality project” run by academics at the University of Cambridge’s The Psychometrics Centre.

Read More

Family Planning NSW the latest victim of cyber attacks

By Cameron Abbott and Allison Wallace

Up to 8000 clients of Family Planning New South Wales have been affected by a ransomware attack on the NGO’s website. No the sort of records people every want to see disclosed.

The website was hacked on ANZAC Day, with the personal information of clients who had contacted FPNSW  in the past 2 and a half years compromised – including details such as names, contact details and reasons for enquiries.

 

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.