Cybersecurity in Australia: April 2019 Gridware Roundup
by Ahmed Khanji
It’s time to sift through last month’s information security news and see where Australia stands. In this month’s edition, we have a number of worrying statistics, as well as some interesting details about a previously elusive Australian spy agency.
89% of C-Level Execs Say Their Business Has Been Breached in the Past 12 Months
New data from Gridware partner Carbon Black indicates that breaches are more common than many of us expected. They released their first Australian Threat Report, which covered a number of worrying trends in Australian cybersecurity.
The report surveyed 250 executives across a range of industries, including oil and gas, retail, government, manufacturing, healthcare, media and entertainment, financial services and professionals services.
If 89% of businesses suffering a breach wasn’t a big enough shock, the report also found that 41% of respondents said that their organisation had been breached between three and five times in the last 12 months.
81% reported that they had seen an increase in cyberattacks, with 28% saying that the attack volume had increased by 50%.
There is a slight silver lining, with 90% of the respondents saying that their businesses will be increasing cybersecurity funding because of the threats. While this is good news, it’s hard to know whether the increases will really be enough.
33% of Australia’s Connected Homes Are Vulnerable
Avast has released it’s Smart Home Security Report 2019, and the results don’t look good. The company scanned more than 16 million smart-home networks from across the globe, totalling more than 56 million devices.
Across the world, it found that almost 41% of homes had at least one device that was vulnerable to cyber attacks, while Australia was slightly under the average at 33%.
The study found that the participating homes averaged five connected devices per household, including things like PCs, smartphones, routers, smart TVs, media boxes like Chromecast, security cameras, printers and gaming consoles.
Globally, the vulnerabilities were caused by either weak or default passwords in 69% of cases. Because of this, a huge portion of the vulnerabilities can be solved easily, simply by changing the passwords on new devices, and making sure that all passwords follow appropriate guidelines.
In 31% of cases, the vulnerability was caused by software vulnerabilities, which were generally due to outdated software which needed to be patched.
Australian Signals Directorate Reveals Its Offensive Cyber Activities
In a speech to the Lowy Institute, Mike Burgess, the Director General of the Australian Signals Directorate (ASD), revealed some details about his agency’s offensive cyber program, as well as its past activities.
The ASD is an Australian intelligence agency that specialises in cyber warfare, supporting military operations and information security. The speech indicated that the ASD’s offensive work was often focused on disrupting the communications of foreign adversaries.
We’ll let you sample the tale of how the ASD helped to win a battle against ISIS in Burgess’s own cringeworthy words:
“Just as the Coalition forces were preparing to attack the terrorists’ position, our offensive cyber operators were at their keyboards in Australia – firing highly targeted bits and bytes into cyberspace.
“Daesh communications were degraded within seconds. Terrorist commanders couldn’t connect to the internet and were unable to communicate with each other.”
On top of this, the speech revealed that the ASD was involved in locking ISIS members out of the servers that they used to spread propaganda, and even prevented people from being recruited.
It’s important to recognise that this information comes from the directorate itself, rather than an impartial outsider. We know relatively little about the agency’s operations from other sources. Despite the one-sided nature of the revelations, it’s good to have at least some information about what the ASD focuses on, and what its capabilities are.
About the author
Ahmed Khanji is the CEO of Gridware (www.gridware.com.au), a cybersecurity firm with headquarters in Sydney, Australia. Ahmed has over 15 years’ experience in senior roles across information security. He is an Adjunct Professor of Cybersecurity and Behaviour at Western Sydney University. Ahmed has extensive experience as an ISO27001 lead auditor, security advisor and has developed and delivered cybersecurity frameworks in senior roles at listed organisation over $30 billion in market size. Ahmed has worked on over 100 cyber incident investigations globally, and provides topical lectures on cybersecurity topics to leading industry bodies including ISACA and the Australian Information Security Association (AISA). He is also a regular guest lecturer at the University of New South Wales’ School of Law.
Ahmed's LinkedIn profile: https://www.linkedin.com/in/ahmed-khanji/
The article was originally published at: https://www.linkedin.com/pulse/cybersecurity-australia-april-2019-gridware-roundup-ahmed-khanji/