This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

The reality of ‘hacking’ – what is your response?

Chris NobleCyber-security is now a critical issue for CEOs, boards and political leaders as cyber-attacks on businesses and governments, including those in Australia, increase.  Some organisations are bolstering their defences, but are you doing enough to protect against cyber-crime?

Today, it has become a matter of ‘when’ or for ‘how long’ an organisation has been hacked and what has been lost. ‘If’ is no longer part of the equation.

Higher profile cyber-attacks (and this is only the tip of a very large iceberg) have included:

  • Iran – the country’s nuclear program was hacked and critical infrastructure was damaged1 – this attack, using the Stuxnet virus, has alleged to have originated from within the Israeli and U.S. military services in order to derail Iran’s nuclear enrichment program.  When the Stuxnet virus made it into the wild, evolved variants of it have been used for multiple different purposes such as shutting down an Indian communications satellite2
  • Japan – Yahoo in Japan was hacked, with usernames and passwords of e-mail account holders potentially stolen3 – since the initial reports, Yahoo have indicated they are not sure if anything was taken but to err on the side of caution
  • South Africa – the country’s police whistle-blower hotline was hacked, with names, e-mail addresses and phone numbers of protected whistle-blowers stolen4 – this attack has been attributed to the hacktivist group Anonymous in response to the death of 34 protesters at a mine site in Marikana in August 2012
  • USA – a recent report showed that US energy and resources companies are under daily attack.5  Survey respondents within the report have acknowledged that whilst they are under regular attack, they have only implemented basic mandated controls
  • Saudi Arabia – Saudi Aramco was impacted by a malware in 2012 that affected 30,000 computers6
  • Australia – ASIO, Bluescope Steel and military communications technology provider Codan have all been reported as recent victims of cyber-espionage, allegedly emanating from China.7


There are no borders in cyberspace, and it’s not just government agencies under attack.  Corporations are increasingly being targeted. Customer data, intellectual property, future expansion plans, supplier agreements and merger and acquisition proposals are all highly sought after ‘commodities’ in the global cyber market.

The nature of cyber-espionage is such that if attackers can’t get into your business network, they will try to obtain access through something close to you – your personal computers, suppliers with whom you share commercially sensitive information, or the law firm to whom you outsource legal work.

This was the case for a U.S. law firm recently who received a visit from the FBI to advise them that their client files were found on a compromised server on their way to China.8 The hackers went after the law firm, because they realised that their primary target had strong cyber defences in place that would take time to break down.  However, the law firm contained all the relevant information on the target and were not required to have the same level of IT security infrastructure in place.

Companies operating offshore, and including those based in Australia, are at an increased risk of being targeted by cybercrime, across sectors such as energy and resources, construction and legal.  With Brisbane, QLD to host the G20 summit at the end of 2014, Australia could well see an increase in cyber probing by ‘hacktivists’ from around the world.

Legislation is also currently being considered that will require companies to publically disclose data breaches, and customers affected, each time they occur to the Federal Privacy Commissioner.  

To address cyber risks, every organisation needs to ask the following questions (and answer them with confidence):

  • How prepared are you to withstand an attack?
  • How secure is your data that is currently kept by your suppliers?
  • Are you currently collecting the right type of information to allow you to respond to and investigate an attack?
  • Are you only stopping people getting into your network, or are you also preventing information from getting out?

Sources:

  1. http://www.guardian.co.uk/technology/2013/feb/26/symantec-us-computer-virus-iran-nuclear
  2. http://perry4law.org/cecsrdi/?p=163
  3. http://www.bbc.co.uk/news/technology-22594136
  4. http://www.wired.co.uk/news/archive/2013-05/22/south-africa-whistleblower-leak
  5. http://markey.house.gov/sites/markey.house.gov/files/documents/Markey Grid Report_05.21.13.pdf
  6. http://threatpost.com/saudi-aramco-confirms-scope-malware-attack-082712/
  7. http://www.news.com.au/technology/hacking-chinese-spies-steal-asio-blueprints/story-e6frfro0-1226651694269
  8. http://www.sans.org/security-resources/cybersecurity-conversations


Co-authors

Chris Noble
Partner, Financial advisory services
+61 7 3308 7065
Tommy Viljoen
Partner, Risk services
+61 2 9322 7713

 

Related links

Share

 
Follow us



 

Talk to us