The week in security: Aussie companies lag on security as cyberthreat intensifies overseas

Ever vigilant on citizen privacy, EU regulators were promising action on Google’s privacy policy changes while the EU Parliament made more than 900 amendments to proposed new data-privacy laws.

Also on the international front, security firm Mandiant was alleging that it had information about the Chinese-backed ‘PLA 61398’ cyber-army hacking into US firms. In an ironic twist, the report was used as bait in further spear-phishing attacks on Japanese and Chinese users, building on an Adobe Reader 0-day vulnerability.

Not everyone thinks it’s necessarily an act of war, however – especially China’s Defense Ministry, which refuted the claims.

Yet the cybersecurity environment is nonetheless heating up, as British prime minister David Cameron signed a cyber security deal with India. Others argued that the escalating cyberwar between the US and China could evolve into something resembling the Cold War. Users, however, need to make much better use of available security tools to improve their response time to spear-phishing attacks like that used in the Chinese hack.

In a relatively rare occurrence, Apple confirmed that it was hit by an internal malware attack while UK firm Tesco had called in the police after the details of a number of its Clubcard loyalty-program members were compromised.

A Malaysian government Web site was hacked with a faked ‘resignation’ from the country’s prime minister. And, in another sign that cyberhacking knows no boundaries, there were reports that China has been helping Zambia master deep packet inspection eavesdropping technology.

Meanwhile, spy agencies were keeping mum on reports that five countries were working together to declassify crucial security vulnerability and threat information. Also on the collaboration front, US university students are among those working to crack Chinese malware code.

New research suggests many Australian organisations aren’t as good at establishing disaster recovery plans as they think. Further damning evidence came from CERT Australia, which says many security incidents within Australian organisations are going unreported. Rounding out the trifecta was the revelation that a large volume of financial and health-related data had been dumped in Sydney rubbish bins where they could be easily compromised by identity thieves.

It’s not an idle threat: identity fraud in the US has reached its highest level in three years, recent data suggests. Most companies are struggling to fight the wave, with a Ponemon Institute report suggesting large organisations aren’t good enough at managing trust infrastructure assets like encryption keys and digital certificates.

Doing its part to stave off trouble, Adobe was busy preparing a fix for a PDF Reader 0-day vulnerability, then released emergency patches for vulnerabilities being actively exploited by attackers. Facebook was hit by a sneakily crafted Chrome extension that artificially boosts ‘likes’ on the site. Apple released a patch for the battery-life problems that had been plaguing Exchange-using customers running iOS 6.1.1.

Mozilla debuted in-application PDF reading for its Firefox browser and patched 13 bugs in the platform, while Kaspersky Lab was still mopping up after a botched antivirus update that is causing major problems for enterprise users.

Also causing problems is Java – which, Apple confirmed, was the vector by which it was hacked. Recognising the growing problems with the platform, Oracle not only released a new round of fixes but sped up its patching cycle for the platform, addressing claims that it has been too complacent about ongoing Java problems. Apple also released a Java update for its own version of the platform. Many Mac users, however, may want to disable Java completely.

Java isn’t the only major problem facing Mac users, however: new malware that bypasses Mac OS X’s Gatekeeper was discovered.

Meanwhile, NBC.com and Zendesk joined the just-been-hacked club. And Oxford University was facing its own problems – with phishing – and briefly blocked Google Docs because of them. Twitter implemented anti-phishing standard DMARC in an effort to fight such activity, but phishing is far from the only threat out there: other types of attacks are also growing in frequency, with ransomware in particular becoming more rampant over time.

Stories by David Braue
