Managing Threats & Attacks – Page 15

Just one of 734: Australian defence contractor hacked

Oct 16 2017

By Cameron Abbott and Olivia Coburn

A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program.

The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane project, Collins Class submarines and the warships HMAS Canberra and HMAS Adelaide. The Government has emphasised that the stolen data is commercially sensitive but not classified.

The announcement coincides with the release of the Australian Cyber Security Centre’s 2017 Threat Report, available here, which reveals that the hack is among 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.

SEC wants to collect more information – but can they protect it?

Oct 02 2017

By Cameron Abbott and Olivia Coburn

The United States Securities and Exchange Commission (SEC) is facing scrutiny on its handling of a data breach that occurred in 2016 – but was only publicly disclosed on 20 September 2017.

Hackers accessed information on corporate filings intended for investors, which would be used for insider trading.

Deloitte hack: Big four cyber-security advisor takes a hit

Sep 28 2017

By Cameron Abbott and Olivia Coburn

“Big four” accounting and consulting firm Deloitte revealed on Monday that it was targeted by a hack that exposed its email system and client records.

Although Deloitte has not yet provided details on the full extent of the breach, it confirmed that the information accessed includes confidential emails and plans of some of its blue-chip clients. It also said that “very few” clients were affected.

Equifax data breach: 143 million records exposed but senior executives not told immediately?

Sep 12 2017

By Cameron Abbott and Olivia Coburn

Equifax has joined Yahoo on the podium for the award no one wants: suffering one of the largest data breaches in history.

Equifax, one of the three largest US credit reporting agencies, announced last week that it suffered a cybersecurity incident potentially impacting 143 million US consumers – a figure comprising of roughly 55 per cent of Americans aged 18 years or older. Some UK and Canadian residents are also affected.

Security incidents high, confidence to manage them low. Really? We did see this coming – why aren’t we better prepared?

Aug 31 2017

By Cameron Abbott and Olivia Coburn

RiskIQ, a US-based cyber security company, has reported that 40% of businesses surveyed in the US and the UK have experienced 5 or more significant security incidents in the past 12 months. Significant incidents include malware, targeted attacks, mobile exposures, rogue mobile apps, website or brand abuse, phishing and social impersonation.

RiskIQ, through IDG Connect, also surveyed the confidence of corporate decision-makers in their ability to handle and mitigate cyber threats. Their report, 2017 State of Enterprise Digital Defense Report, reveals that nearly two-thirds of respondents had no to modest confidence in their ability to manage digital threats.

Gartner: Worldwide spending on information security to reach $93 billion in 2018

Aug 24 2017

By Cameron Abbott and Olivia Coburn

Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.

This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.

Australia Affected By Global Ransomware Attacks

Jun 30 2017

By Cameron Abbott and Ling Zhu

Despite Australia seemingly avoiding the brunt of the attacks by the WannaCry ransomware crippling computer systems around the world last month, a few Australian organisations have not emerged unscathed.

Victoria Police has revealed 280 speed cameras around Victoria were exposed to WannaCry between June 6 and June 22. Although the cameras were not connected to the internet, the ransomware was unintentionally introduced to the system through a USB device during maintenance. The police reported that the ransomware caused the cameras to continually reboot, however it is unclear whether this resulted in inaccurate readings. Initially, only 55 speed and red-light cameras were thought to be infected, however that has since increased to 280 cameras. Subsequently, 1,673 infringement tickets will be withdrawn, with another 5,500 pending tickets to be embargoed. Now don’t get excited and start drag racing – the police intend to continue operating the cameras, with embargoed and new tickets to be issued once they confirm that cameras are taking accurate readings.

Meanwhile in Hobart, Cadbury chocolate factory has stopped production following its parent company, Mondelez International, being affected by the similar “Petya” ransomware. The US-based Mondelez International suffered a global IT outage overnight, with all network computers being infected. Australian workers were unable to begin production in the Cadbury factory on June 28, as many processes are automated and controlled by computers. It is uncertain when the global system will be restored.

Now speed cameras is one thing, but affecting chocolate production is way out of line!

A reminder that both WannaCry and Petya exploit vulnerabilities that have been patched – you just have to load those security releases. A call out to all the chocolate producers of the world – load your patches for the sake of us all!

New Petya Ransomware Attacks Global Law Firm

Jun 27 2017

By Cameron Abbott and Edwin Tan

Just a month after the WannaCry ransomware infected devices around the globe, a new strain calling itself Petya has struck overnight. Petya looks and operates the same way as WannaCry, locking out users from their systems and demanding a ransom of US$300 in order to decrypt files stored on the device. To spread across devices, Petya utilises exactly the same vulnerability used in WannaCry, patched by Microsoft in March 2017.

Organisations in Europe have been the worst hit, with the ransomware slowly spreading to the United States, and to Australia this morning as organisations boot up their computers. The Prime Minister of Ukraine has called the attack on his country “unprecedented”, with the government’s computer network going down, and the state power distributor being disrupted.

A global law firm has also been hit by Petya, with its offices in the UK, Europe, the Middle East and the US all affected by the attack. This continues a worrying trend of law firms being breached as of late, potentially exposing thousands of clients to commercial and legal risk.

We cannot emphasise enough the importance of keeping all devices and systems patched and up-to-date. Unfortunately, it seems that organisations around the globe, even those professing to be experts in cybersecurity, are still unprepared to deal with cyber-attacks and mitigate their risks.

The UK National Cyber Security Center has released guidance to help both home users and organisations limit the impact of ransomware attacks. It can be read here.

DDoS Attacks On The Rise

Jun 20 2017

By Cameron Abbott and Edwin Tan

Distributed Denial of Service (DDoS) attacks leverage compromised devices to generate a flood of traffic, overwhelming online services and rendering them unresponsive. DDoS services are widely available on the internet, with research by Trend Micro finding that the small cost of US$150 can buy a DDoS attack for a week. (It also brings organised crime into your life – but that’s a different point!)

The latest statistics from Cisco reveal that the number of DDoS attacks grew by 172% in 2016. Combine this with an average DDoS attack size of 1.2Gbps, capable of taking most organisations offline, and there is real cause for concern among cyber security experts. It is hard to trace DDoS attacks to their proprietors, as the majority of devices used in attacks belong to innocent users.

Organisations must understand the risk and impact posed by DDoS attacks, and implement mitigation strategies that promote business continuity in the face of these attacks. Industry peers must share knowledge where appropriate, and keep government agencies adequately informed, to deter hackers from launching a DDoS attack.

Cisco expects that the number of DDoS attacks in the future will only get worse, with 3.1 million predicted attacks in 2021 globally. Read Cisco’s press release here.

Together we are stronger – Australia and Singapore partner up on cybersecurity

Jun 06 2017

By Cameron Abbott and Allison Wallace

A freshly inked Memorandum of Understanding between Australia and Singapore will see the two countries strengthen their cybersecurity through a joint effort to build a secure and resilient cyber space.

The two-year partnership which was signed last week, will see Singapore’s Cyber Security Agency work with the Australian government to conduct regular information exchanges on cyber threats, share best practices to promote innovation in cyber security, and build cyber security capabilities. Read More

Catagory:Managing Threats & Attacks