You may be surprised to know, that our island continent was the target of the highest number of ransomware attacks across the globe in Q3, 2016. According to research by Kaspersky Lab, Australia sits in the top 5 of targeted countries for cyber attacks, placing the land down under with the likes of Russia and Kazakhstan.
So why are we the target of ransomware attacks specifically, but most of all, why Australia? Ransomware is computer malware that is unknowingly installed on any electronic device with access to the Internet. The victims data is then either held hostage or the attacker will threaten to leak the information until a ransom is paid; hence the name ‘ransomware’.
Unfortunately, the combination of Australian citizens being unpretentiously trusting of others while also feeling safeguarded by geographical distance has made us prime targets for ransomware attacks. Australians have also developed a reputation as being easy targets acquiescing to their attackers demands and are more likely to hand over money than other nations.
It was recently announced the Australian Cyber Security Centre will be split from the ASIO premises in an effort to expand its workforce from 260 to 700. Cyber Security assistant secretary Michael Scotton stated in the Canberra Times that the move was a result of the high level of clearance needed to enter the ASIO building wasn’t working for the broader range of security levels needed for cyber security investigations.
"We are working with internet connected systems; the data they contain are not necessarily top secret. We also perform a range of other services, like the development of policy, the certification of cloud services, evaluating security products. Most of those activities do not require that level of classification."
The timing for the move couldn’t be better. Ransomware isn’t the only threat to Australian citizens’ data; the emergence of AI coupled with the Internet of Things have created more vulnerabilities than ever before. Both business and government need to start identifying strange behaviour early on before anything too serious can arise.
In an interview for the Guardian, Sanjay Aurora – regional head at Darktrace states that there are now more ways to be breached than previously experienced in history. He states:
“Once you understand the devices and people, once you notice subtle changes within the network, you establish a pattern of life, and whether it is lateral movement or unusual activity – maybe an employee using a device they don’t normally use, or a fingerprint scanner acting unusually – the immune system notices and takes action, detecting these things in network before they become a headline.”
Sanjay states that cyber security efforts shouldn’t merely rely on actions that create a barrier to intrusions, but rather technology solutions should behave more like a human immune system.
Public sector organisations and businesses building their immunity to cyber security attacks is an apt analogy for the increase in cybersecurity trends propelling their way through the various sites and devices that live in the World Wide Web. The biggest trends in cybersecurity include ransomware, machine learning, data integrity and the ‘Internet of Threats’.
So why is all of this so important to the public sector? Is public sector cyber security really a mission imperative? The short answer: yes. Navigating a world of cyber threats couldn’t be more important for government. Constant developments in technology, well-funded and tech-savvy adversaries, and the sheer availability of data have created vulnerabilities like never before.
From banking and manufacturing, shopping and entertainment, no industry is safe from cyber threats, but special consideration should be given to the public sector. The stakes for confidential government data are much higher than private enterprise. The Turnbull Government has committed to spending $230 million over four years to enhance Australia’s cyber security capability, but this pales in comparison to the $23billion committed by the US government in 2018.
Though it is great to see governments across the globe spending on cyber security initiatives, it is important for government organisations across Australia to develop a few best practices to ensure their digital assets remain safe. Cisco recommends a few easy ways to start protecting your agency:
- Train personnel to be aware of cyber threats
- Ensure your cyber security policies extend beyond previous events and become threat-centric
- Conduct pervasive internal monitoring
- Share security intelligence within and between organisations
If you get one key takeaway from this post it should be that the public sector is particularly vulnerable to cyber attacks, and on top of this, Australia is currently a prime target for ransomware threats. It’s great to see Australia moving in the right direction with the expansion of the Australian Cyber Security Centre and heavy investment to improve the nation’s response capabilities.
We’d love to hear your thoughts on what the future holds for Australian cyber security, and whether you think this is enough to keep the nations data safe. Comment below to let us know your thoughts.