CS Nov-Dec 2020
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
editor's focus<br />
"Well trained staff become your strongest<br />
defence against cyber-attacks, rather than<br />
your weakest link," he adds.<br />
SAFETY FALLS ON EVERYONE<br />
According to Nick Savvides, director of<br />
Strategic Business at Forcepoint, the attacks<br />
that targeted Australia serve as a timely<br />
reminder that cyber security is a serious<br />
issue and affects every aspect of life.<br />
Everybody has a role to play in keeping us<br />
safe from cyber-security threats, he points<br />
out. "Sophisticated threat actors, statebased<br />
threat actors, have significant<br />
capabilities, and do not rest in their efforts<br />
to gain footholds into our systems,<br />
applications and data. It is important that<br />
governments, businesses and individuals<br />
remain vigilant and continue to improve<br />
their cyber-security practices. We have<br />
entered a new era of business and<br />
government, where cyber-attacks pose<br />
an existential threat to business and can<br />
cripple the machinery of government."<br />
The public revelation of the attacks<br />
also acts as a signal to the threat actors<br />
responsible that the government and some<br />
in the private sector are aware of the<br />
attacks, Savvides comments. "Interestingly,<br />
two specific controls, patching internetfacing<br />
systems [protecting the edge<br />
of networks], enforcing multifactor<br />
authentication for users [protecting the<br />
users], were specifically called out by<br />
the defence minister. This indicates that<br />
attackers likely operated sophisticated<br />
targeted phishing campaigns to capture<br />
usernames and passwords from victims<br />
and were possibly in possession of 0-day<br />
vulnerabilities against systems or used<br />
older vulnerabilities on systems that are<br />
difficult to patch."<br />
While Australia has significant capabilities<br />
in cyber-security and an active cyber-security<br />
community, unfortunately not all<br />
organisations are at the same level, with<br />
many organisations simply not having right<br />
capabilities, he says. "We are also struggling<br />
with a skills shortage, with unfilled cybersecurity<br />
roles in every sector; that means<br />
many of the skills end up in the top end of<br />
town and large departments, leaving small<br />
and medium business, and government<br />
agencies exposed."<br />
GEO-POLITICAL TENSIONS<br />
Meanwhile, Tim Wellsmore, Mandiant<br />
Government Solutions, Asia Pacific, points<br />
to the "considerable geo-political tension<br />
occurring at the moment involving Australia<br />
and, from our experience, we know that<br />
state-sponsored cyber threat activity directly<br />
replicates geo-political tensions, so it would<br />
be plausible to assume this reported activity<br />
and announcement is connected".<br />
FireEye is, he adds, aware of the reported<br />
incidents and the type of exploitation of<br />
systems that are occurring, and have seen<br />
only a few related impacts to its customer<br />
base. "However, we are seeing an increasing<br />
focus by both state-sponsored and criminal<br />
cyber threat actors on exploiting Common<br />
Vulnerabilities and Exposures (CVEs) soon<br />
after they are announced publicly when<br />
victims' systems are not patched quickly<br />
enough, and we deal with state-sponsored<br />
threats against our customers on a daily<br />
basis."<br />
The information provided in the Australian<br />
Government A<strong>CS</strong>C advisory on this issue is<br />
very detailed, he notes, "and provides good<br />
guidance and serves as a timely reminder<br />
to ensure organisations maintain vigilance<br />
in the cyber security programs including<br />
the use of patching and multi-factor<br />
authentication in their networks".<br />
As Wellsmore confirms, such threats will<br />
continue, with an inevitable increase in<br />
cyber threat activity as our world becomes<br />
more and more technologically dependent,<br />
and therefore both attractive to outside<br />
infiltrators and increasingly vulnerable to<br />
their growing arsenal of weaponry.<br />
Nick Savvides, Forcepoint: everybody has<br />
a role to play in keeping us safe from<br />
cyber-security threats.<br />
Toni Vitale, JMW Solicitors: training staff<br />
to be vigilant to cyber-attacks is key.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Nov</strong>/<strong>Dec</strong> <strong>2020</strong> computing security<br />
07