NewsBite

Sponsored by HP

Facing up to the next generation of cyber attacks

Mark Eggleton

Subscribe to gift this article

Gift 5 articles to anyone you choose each month when you subscribe.

Subscribe now

Already a subscriber?

While Australia’s ability to keep the Covid pandemic relatively under control has received international plaudits over the past 12 months and confidence is returning on the back of our strong economic performance, a rather insidious threat has continued to grow.

At the same time as organisations talked up their ability to pivot and move their workforces online we’ve also seen the threat of cyber attacks grow exponentially.

Working from home has exposed cracks in cyber defences. 

This has been backed up by the recent report Blurred Lines and Blindspots undertaken by HP Wolf Security which cited World Economic Forum figures outlining there had been a 238 per cent increase in global cyber attack volume between February and April last year.

The report found fending off such attackers has become increasingly difficult, as distributed workers are no longer protected by the corporate firewall, with many accessing critical data via insecure connections.

What this emphasised was the need for organisations to focus on endpoint security. Interestingly, the report found 91 per cent of IT decision makers (ITDMs) believe endpoint security has become as important as network security especially as the shift to home working has changed the nature and scale of cyber security risk.

Advertisement

This increasing risk was reiterated recently by Assistant Minister for Defence Andrew Hastie who told The Australian Financial Review, that Australians need to have a “shared reality” around the threats as more of our lives move online in the digital economy.

According to Hastie, the federal government is doing its best with industry “to drive the understanding of cyber threats to business and society”.

“On one side, you have hackers trying to be a nuisance and then you also have sophisticated online criminal syndicates who might just work for themselves or they might be co-opted by a state and work as a proxy for a state actor,” Hastie says.

“The challenge with cyber is working out who’s attacking you, and that takes time and analysis. It’s a broad threat spectrum, and the best way to defend against all those things is to just do the basic things well such as uploading your security patches, complex passwords, multifactor authentication, backing-up your data, and importantly, investing in cyber security if you run a business in Australia.”

And the threats go beyond business and into every organisation especially as our world becomes more connected through the Internet of Things (IoT). For example, the impact of all the sensors and intelligent systems we’re slowly deploying in our physical environments in order to collect data to make services and our environment greener and more efficient are potentially ripe for cyber attack.

Technical Director of the United Kingdom’s National Cyber Security Centre, Ian Levy, said in a recent blog “we need to ensure we address the cyber security issues to ensure our cities are safe and resilient” because while failures within individual systems can have terrible impacts, the effects are magnified in our increasingly connected world.

“Combine this with the potential privacy intrusion (for example, if the data are collected or processed in a dumb way) and there’s lots to worry about,” Levy says.

And while a lot of cyber security needs to be retrofitted to existing systems, Levy says that as we become more connected we need to make sure we’re making “well-informed cyber security choices” and designing the future properly so we can learn to trust the systems we’re building now.

Cyber criminals today are more sophisticated than ever. Getty.

Cyber security firm SonicWall’s 2021 Cyber Threat report further states building that trust will be a challenge especially as the current state of play is “empowering criminal groups new and old with the ability to launch both global and targeted cyberattacks — from anywhere in the world — with the same force, volume and damaging impact as nation-state campaigns”.

As found in the Blurred Lines and Blindspots report, cyber criminals are more sophisticated, organised, and determined than ever. Digital and data transformation is widening the attack surface and despite their best efforts, overstretched IT and security teams are struggling to keep up.

In his recent HP-sponsored report titled Nation States, Cyberconflict and the Web of Profit, Senior Lecturer in Criminology at the University of Surrey, Dr Michael McGuire, writes a shady affiliation between criminals and security agencies means, “nation states have become both beneficiaries of and contributors to the Web of Profit that constitutes the cybercrime economy”.

Moreover, the threats to business from a deadly partnership between criminals and governments seem to be getting greater with business appearing to now face comparable risks from Nation States as it has done from traditional cyber criminals irrespective of sector or size, McGuire says.

And this dangerous alliance is developing more sophisticated cyber weaponry.

“These newer weapons will draw upon enhanced capacities in computing power, more advanced AI, or more complete cyber/physical integration,” McGuire says in the report.

He highlights weaponised chatbots that are AI devices with enhanced capacities to: deliver more persuasive phishing messages; quickly react to new events and send message responses via social media like Twitter as well as attack other bots.

Other threats include drone swarms capable of overwhelming Wi-Fi or Bluetooth networks and the attack potential of quantum computers capable of cracking any encrypted system.

Furthermore, McGuire says this new class of customised cyber weaponry brought to bear through an alliance of nation states and criminals makes it even more difficult to navigate the future digital world as there’s no agreement on any set of rules.

He says this “lack of effective regulation, or any sign of consensus on the part of nation states in trying to develop acceptable standards of conduct online, is not good news”.

“Indeed, it serves as a further indication that we may be at far greater risk from the internet than was ever suspected.”

As for a solution, Hastie acknowledges we’re still a fair way off developing any standard set of regulations globally so in the meantime “the best thing we can do, given we’re a sovereign country, is look after our people, our interests, our businesses, and that’s what we’re trying to do through the federal government’s Cyber Security Strategy”.

HP Wolf Security is HP’s newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services. Rooted in Zero Trust principles, HP Wolf Security provides defence-in-depth and enhanced protection, privacy, and threat intelligence, gathering data at the endpoint to help protect the business at large. Visit the HP Wolf Security home page to find out more.

Sponsored by HP

Subscribe to gift this article

Gift 5 articles to anyone you choose each month when you subscribe.

Subscribe now

Already a subscriber?

Read More

Latest In Technology

Fetching latest articles

Most Viewed In Technology

    Original URL: https://www.afr.com/technology/facing-up-to-the-next-generation-of-cyber-attacks-20210715-p58a2v