Australian businesses face hard lessons from security attacks
Posted on August 29, 2017
Senior executives need to be informed of the risks and the organisation’s capability to mitigate those risks...
Associate Professor, Charles Sturt University - School of Computing & Mathematics
Australian businesses are failing to learn from ransomware attacks, such as WannaCry and Petya, despite the growing threat of more sophisticated assaults.
Organisations targeted by the Petya attack in June this year had not fully protected their systems with updated security patches, according to cyber security experts.
While there was minimal disruption in Australia from the WannaCry attack in May 2017, several major companies were impacted by the recent Petya attack—including a Hobart factory owned by Cadbury, after its US parent company Mondolez International was targeted.
Lessons still to be learnt from ransomware attacks
Cyber security expert Tanveer Zia, from Charles Sturt University’s School of Computing and Mathematics, said many businesses had not learnt from the WannaCry or Petya attacks.
“It’s only a matter of time before major Australian businesses will be in the firing line because email correspondence is now the core media of communication in most, if not all, businesses,” said Associate Professor Zia. “Australia has been on top of the global target of phishing attacks, which are often originated through emails.”
He said that while banking institutions and larger businesses have strong cyber security preventive measures, many small to medium-sized organisations and individuals maintain a “false sense of security’’ that either their systems are protected enough, or are not likely to be attacked.
“Taking the example of WannaCry where vulnerability was known and patches were available two months before the attack, businesses who didn’t have those patches in place were victims of the attack,’’ Professor Zia said. “The other reason for many Australian businesses not being cyberattack-ready is that they have not been hit hard yet. Most victims of WannaCry and Petya were in Europe and Ukraine.’’
Petya hackers used a demand of $US300 ransom to be paid in Bitcoins to unlock compromised data, regardless of whether infected computers belonged to a personal user or a staff member in a large global company.
Time for businesses to act
Professor Zia said every connected system is vulnerable to these attacks.
“We cannot imagine any crime these days where some sort of technology is not used and global connected systems have made it easy,’’ he said. “In fact, connected systems have introduced some more sophisticated white-collar crimes, such as financial frauds, information theft, identity theft and infiltration of corporate data.’’
Professor Zia said organisations need to review their IT security budgets and increase resources to protect their systems.
“Especially with forthcoming mandatory data breach reporting, as part of the Privacy Amendment (Notifiable Data Breaches) Bill 2016, which will take effect from early 2018, organisations will face heavy penalties if they fail to notify.’’
He said organisations should keep their systems patched/updated with the most recent patches available and subscribe to a more frequent backup service, if they do not have their own backups in place already.
“Also implement techniques to block auto execution of untrusted codes, have strong access control, and most importantly educate staff about the threats in cyber security.’’
Hackers capable of more sophisticated attacks
Professor Zia also warned access control policies need to be implemented.
“Remember, today’s cyber attackers are more skilled, more resourced and persistent than a few years ago,’’ he said. “There is a possibility that they will have broken multiple layers of security already, so a defence in depth approach will help monitor unusual activities such as identifying systems for failed logon attempts, combined with alerts going to network administrators to take immediate countermeasures.’’
Time for IT and non-IT teams to work together
Zia said a holistic cyber security management approach embedded in every organisational process is required.
“This may be started at the access control with multiple layers of access to reduce the exposure of data to an acceptable level within the organisation and to external stakeholders.’’
Cyber risks should be addressed at the same level as with other regulatory and compliance obligations and cyber security should regularly be on the agenda at board level.
“Senior executives need to be informed of the risks and the organisation’s capability to mitigate those risks,’’ he said. “Holistic enterprise-level security processes where IT and non-IT teams work together are needed.’’
If you would like to be more in control your backup and recovery process, Vocus Cloud Backup as a Service (BaaS) ensures all your data is backed up to our enterprise-standard data centres via a secure private connection over the Vocus network.
In addition, Firewall as a Service serves as an exceptional security hygiene factor for businesses and safeguarding their systems. This bundled solution allows businesses to access Vocus cloud internet, hosted firewall and the cloud gateway solution, all in one hit.
Get in touch with your telco to find out more about how to strengthen your business’s security against cyber attacks.