CS Nov-Dec 2020

More documents

Recommendations

Info

editor's focus UNDER SIEGE NATION-STATE LED CYBER-ATTACKS ARE BEING UNLEASHED ON GOVERNMENTS AT AN EVER-GROWING RATE. VIGILANCE IS THE KEY TO HINDERING THEIR IMPACT It was of great concern to see Australia's government and institutions being subjected this year to concerted attacks by sophisticated, state-based cyber hacks. This is something that has also plagued the UK for some time now and is an indication of how hacking is increasingly used to infiltrate 'enemy states', with a view to disrupting how they function. Australia Prime Minister Scott Morrison has revealed that the cyber-attacks were widespread, covering "all levels of government", as well as essential services and businesses. He has been reluctant to identify any specific state actor and claims no major personal data breaches had been made, although others have been quicker to point the finger, with China alleged to be the most likely culprit in the eyes of many observers. Morrison has said that the attacks spanned "government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure". The attacks happened over many months and are not going away, the government concedes. It is hoping that raising public awareness by admitting to these breaches will help businesses to improve their defences. But the government has also stressed how this "malicious" activity is being seen right across the globe, making it far from a unique problem to Australia. Previously, defence manufacturers, government contractors and accounting firms have been among those to report data breaches. 300-PLUS ATTACKS In light of the Australian Government becoming a victim of a nation-state led cyberattack affecting all levels of government, Toni Vitale, head of data protection at JMW Solicitors LLP, had this to say: "No country is immune to such attacks and, in the UK, the National Cyber Security Centre announced at the end of 2019 that it has defended British organisations against more than 300 state-backed cyber-attacks.... As in Australia, the UK central government was the main focus of the attacks, but other sectors, such as academia, IT, managed service providers and transport and health, were also attacked. The NCSC actively takes down fraudulent websites, which are used by nation states to gather intelligence and finance their craft." Training staff to be vigilant to cyber-attacks is key, states Vitale. They should be taught to: Avoid clicking on links, opening attachments or emails from people you don't know or companies you don't do business with Be vigilant when opening links or attachments from people you do know particularly if they are unexpected Be aware of email spoofing, where an email arrives from someone you believe you know, but has unexpected links or attachments, as these are the most common methods used by cyberattackers to gain entry into systems. 06 computing security Nov/Dec 2020 @CSMagAndAwards www.computingsecurity.co.uk
editor's focus "Well trained staff become your strongest defence against cyber-attacks, rather than your weakest link," he adds. SAFETY FALLS ON EVERYONE According to Nick Savvides, director of Strategic Business at Forcepoint, the attacks that targeted Australia serve as a timely reminder that cyber security is a serious issue and affects every aspect of life. Everybody has a role to play in keeping us safe from cyber-security threats, he points out. "Sophisticated threat actors, statebased threat actors, have significant capabilities, and do not rest in their efforts to gain footholds into our systems, applications and data. It is important that governments, businesses and individuals remain vigilant and continue to improve their cyber-security practices. We have entered a new era of business and government, where cyber-attacks pose an existential threat to business and can cripple the machinery of government." The public revelation of the attacks also acts as a signal to the threat actors responsible that the government and some in the private sector are aware of the attacks, Savvides comments. "Interestingly, two specific controls, patching internetfacing systems [protecting the edge of networks], enforcing multifactor authentication for users [protecting the users], were specifically called out by the defence minister. This indicates that attackers likely operated sophisticated targeted phishing campaigns to capture usernames and passwords from victims and were possibly in possession of 0-day vulnerabilities against systems or used older vulnerabilities on systems that are difficult to patch." While Australia has significant capabilities in cyber-security and an active cyber-security community, unfortunately not all organisations are at the same level, with many organisations simply not having right capabilities, he says. "We are also struggling with a skills shortage, with unfilled cybersecurity roles in every sector; that means many of the skills end up in the top end of town and large departments, leaving small and medium business, and government agencies exposed." GEO-POLITICAL TENSIONS Meanwhile, Tim Wellsmore, Mandiant Government Solutions, Asia Pacific, points to the "considerable geo-political tension occurring at the moment involving Australia and, from our experience, we know that state-sponsored cyber threat activity directly replicates geo-political tensions, so it would be plausible to assume this reported activity and announcement is connected". FireEye is, he adds, aware of the reported incidents and the type of exploitation of systems that are occurring, and have seen only a few related impacts to its customer base. "However, we are seeing an increasing focus by both state-sponsored and criminal cyber threat actors on exploiting Common Vulnerabilities and Exposures (CVEs) soon after they are announced publicly when victims' systems are not patched quickly enough, and we deal with state-sponsored threats against our customers on a daily basis." The information provided in the Australian Government ACSC advisory on this issue is very detailed, he notes, "and provides good guidance and serves as a timely reminder to ensure organisations maintain vigilance in the cyber security programs including the use of patching and multi-factor authentication in their networks". As Wellsmore confirms, such threats will continue, with an inevitable increase in cyber threat activity as our world becomes more and more technologically dependent, and therefore both attractive to outside infiltrators and increasingly vulnerable to their growing arsenal of weaponry. Nick Savvides, Forcepoint: everybody has a role to play in keeping us safe from cyber-security threats. Toni Vitale, JMW Solicitors: training staff to be vigilant to cyber-attacks is key. www.computingsecurity.co.uk @CSMagAndAwards Nov/Dec 2020 computing security 07
Page 1 and 2: Computing Security Secure systems,
Page 3 and 4: comment TIME TO TAKE GDPR UP A GEAR
Page 5: Pragmatic and experienced risk mana
Page 9 and 10: health monitoring within the compan
Page 12 and 13: smishing SMISH, SMASH, BASH! A RELA
Page 14 and 15: smishing scams, while the Associati
Page 16 and 17: industry insights THE NEW ORDER IS
Page 18 and 19: mergers & acquisitions HITTING THE
Page 20 and 21: Data privacy BEYOND THE EU-US PRIVA
Page 22 and 23: contact tracing WE HAVE CONTACT THE
Page 24 and 25: contact tracing smartphones in mind
Page 26 and 27: hacking surge HACKERS FOR HIRE HACK
Page 28 and 29: hacking surge Adrian Rowley, Gigamo
Page 30 and 31: threat intelligence APTS AND COVID-
Page 32 and 33: gender inequality TIME TO REBALANCE
Page 34 and 35: gender inequality equates to - and
Page 36: NEW Sensitive Data Discovery and Re

CS Nov-Dec 2020

Create successful ePaper yourself

Delete template?

Save as template?