Home' ALGY : ALGY Edition 24 2017 Contents THE AUSTRALIAN LOCAL GOVERNMENT YEARBOOK EDITION 24 • 217
Who wants your information?
Australian government networks are regularly targeted
by a range of cyber adversaries who are aggressive
and unrelenting in their efforts to compromise our
networks and information. They are constantly improving
their techniques in an attempt to defeat our network
defences and exploit new technologies.
Foreign intelligence agencies represent the greatest level of
threat. They are the most sophisticated and well resourced. They
are very interested in economic, policy, defence and security
information for strategic advantage, and they generally wish to
covertly exist on networks without the knowledge of their target.
We also know that when a network of primary interest has
high levels of security controls, adversaries will target third-
party networks that are connected to the target of interest,
or networks that hold data about the target of interest. For
instance, legal firms often hold details of government contracts
on behalf of their commercial clients, which could include
major defence facilities, contracts for the purchase of weapons
systems or the construction of new-generation naval vessels,
aircraft or vehicles.
Cybercriminals also pose a threat to government-held
information and provision of services through both targeted and
inadvertent compromises of networks using malicious software
(malware). Their motivations are purely financial: they are trying
to steal or extort money from their victims. They can also use
systems that they have infiltrated to launch denial of service
activity on other organisations, or for generating spam emails.
'Hacktivists' use cyberspace to protest based on a certain
issue. They use fairly unsophisticated techniques -- website
defacement, the hack and release of personal or embarrassing
information, distributed denial of service (DDoS) activities and
the hijacking of social media accounts -- to generate attention
and support for their cause. These activities are designed to
embarrass, and can damage the reputation of their target.
How do they get access?
While cyber intrusion techniques are many and varied, the
most popular method is to send socially engineered malicious
emails (known as spear phishing) to target employees. These
emails can have an attachment that has hidden malware, or a
link to a site hiding malware. These spear phishing emails are
increasingly tailored to appeal to us personally. Adversaries are
known to research the online profiles of the targeted individuals
and organisations -- their profiles, professions, personal interests
and families -- to see what sort of information they are interested
in. They will then tailor the content in an email in order to entice
people to unwittingly open malicious content.
Once that attachment is opened, or the link is clicked on,
malicious software is automatically downloaded, providing the
adversary with access to your computer or mobile device.
Manage the risk
In the world of cybersecurity, prevention is better than cure.
The Australian Signals Directorate (ASD) has just updated
its list of practical strategies that local governments can take to
make their computers more secure. While no single mitigation
strategy is guaranteed to prevent cybersecurity incidents, ASD
recommends that organisations implement a package of eight
strategies as the new security baseline that makes it much harder
for adversaries to compromise systems. These strategies are
known as the 'Essential Eight' (which can be found on page 218).
For further information on the Essential Eight, and the full
list of strategies to mitigate cyber security incidents, including
detailed steps explaining how to implement these strategies,
Finally, it is important to remember that cybersecurity is
not only about technical controls; it is also about improving
cybersecurity awareness and culture in your organisation. You
can purchase the most expensive cybersecurity software, but
it only takes one employee to click on a malicious link for that
software to run, and for the cyber adversaries to gain foothold
in your network. So, raising cybersecurity awareness is also an
important tool in reducing cyber risk in your organisation.
Clive Lines is the Coordinator of the Australian Cyber Security
Centre and the Deputy Director of the Australian Signals
Directorate (ASD). ASD is responsible for cyber and information
security standards for Commonwealth agencies. It is this
component of ASD that has been incorporated into the Australian
Cyber Security Centre.
While cyber intrusion
techniques are many and
varied, the most popular
method is to send socially
engineered malicious emails
(known as spear phishing) to
Links Archive ALGY Edition 23 2016 Navigation Previous Page Next Page