Australian businesses are under constant threat from criminals that utilise the inherent features of infrastructure and systems connected to digital networks—and the rate of cyber-attacks is increasing, according to a recent report from the Australian Signals Directorate (ASD).
The ABC reported that ASD indicated that the “most commonly targeted sectors are banking and finance, resources and energy, defence capability and telecommunications.”
Whilst the list covers a large number of Australian businesses, those that fall outside this list should not be complacent as the automated systems used by cyber-criminals are designed to look for any opportunity to carry out theft, fraud or other malicious cyber-attack.
It is vital that business does not sit back and leave the problem to government agencies such as security forces and the Federal Police. The best defence is an active offense and information sharing will enhance the opportunity to prevent cyber-crime.
The Australian Cyber Security Centre (ACSC) opened in November 2014 as “the next evolution of Australia’s cyber security capability.” Information flow about cyber-security and cyber-events will facilitate early action, threat reduction and event mitigation.
Processes have been put in place to facilitate information flow and the ACSC highlights that every Australian should participate. Individuals can report an event using the Australian Cybercrime Online Reporting Network (ACORN), government agencies should form a working relationship directly with ASD and large Australian businesses should partner with CERT Australia, an organisation that is described by the Executive Manager Dr Carolyn Patterson as “the main point of contact for cyber security issues affecting major Australian businesses”.
There are opportunities for Australian business to learn more about cyber security including the Australian Cyber Security Centre 2015 conference that was held in Canberra between 22-23 April. But if you don’t have the resources or time to commit to attending a conference there are important online resources available that business should review.
The ASD Strategies to Mitigate Targeted Cyber Intrusions provides guidance to organisations on how to stay ahead of the cyber-criminals and the key point made by ASD is that “at least 85 percent of the targeted cyber intrusions that the Australian Signals Directorate (ASD) responds to could be prevented by following the Top 4 mitigation strategies listed in our Strategies to Mitigate Targeted Cyber Intrusions:
- use application whitelisting to help prevent malicious software and unapproved programs from running
- patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
- patch operating system vulnerabilities
- restrict administrative privileges to operating systems and applications based on user duties.”
ASD has also recently published the Australian Government’s Information Security Manual (ISM) that provides a “standard which governs the security of government ICT systems.” The ISM complements the Australian Government’s Protective Security Policy Framework (PSPF) which “provides the appropriate controls for the Australian Government to protect its people, information and assets, at home and overseas”.
Both the ISM and PSPF provide information that business should know, and yes the point that is being pushed is the need for security to be based upon a strong defence against cyber-crime. Cyber-security strategies that apply to government agencies are applicable to business and should be a starting point that is enhanced by industry and business specific “local knowledge” that is gained over time. Remember that international business groups have been building similar knowledge over past decades and can be a valuable source of information.
What this means is that business cannot sit back and let others do the heavy lifting. Business groups need to form relationships with key international business support organisations and facilitate information “trickle down” to ensure that even small and medium enterprises gain access to the knowledge needed to ward off cyber-crime.
On 4 February 2015, Delloite added an Australian cyber intelligence centre to its global network citing the need to reduce the cost to business that it identified as being about $2.5 million per year on average and rising. Delloite highlights the data loss rate increasing by about 25 per cent between 2013 and 2014 globally.
Whilst Delloite’s services are outside the financial reach of many small businesses, there is an opportunity for Australian business groups such as the Business Council of Australia, Small Business Australia and the many other business groups to acquire knowledge and disseminate resources.
By adopting a proactive approach and working together business will collectively benefit. Examples of proactive steps that business should take in concert with local authorities include the Project Sunbird collaboration between the West Australian Police (WAPOL) and the West Australian Department of Commerce (Commerce) that aimed to reduce the incident of online fraud.
In an article on The Conversation the key stages implemented by Project Sunbird were identification, intervention, interruption, intelligence and investigation. Whilst Project Sunbird focused on individuals there is an opportunity for business to learn from this approach and to work with government and police to implement similar proactive approaches.
There are other opportunities for information sharing and collaboration that related business groups should take. One example is to form a relationship with the Virtual Global Taskforce (VGT) that “is an alliance of international law enforcement agencies and private sector partners working together to combat online child sexual abuse.”
By now business should be well aware that cyber-security has become part of daily activity and there is a need to broaden cyber-awareness within organisations. To improve information flows, knowledge and cyber-event related outcomes businesses and business groups need to take the next step and reach out to form proactive partnerships.
Mark Gregory is a Senior Lecturer in the School of Electrical and Computer Engineering at RMIT University.
This article is brought to you by Enex TestLab, content directors for CSO Australia.