sb-au logo
Story image

CERT Australia reveals this year's cybersecurity challenges

27 Feb 2018

Australia’s Computer Emergency Response Team (CERT) has analysed the trends and revealed what it believes will be the country’s biggest security challenges this year, and vulnerability exploits are at the top of the list.

The watchdog says that malicious activity against Australian enterprises is increasing in frequency, scale, sophistication and severity – a dangerous combination when paired with the reach and diversity of evolving threat actors.

While the Notifiable Data Breaches Act and the GDPR may clamp down on privacy infringements, businesses still remain under pressure to remain resilient, CERT says.

Criminals will continue to exploit known vulnerabilities; social engineering will craft sophisticated networks; supply chain targeting will go after third parties; and the Internet of Things will continue to present growing risks.

Here’s what CERT Australia has to say.

1.  Would-be crims will grow in number exploiting known vulnerabilities

For some time, cyber criminals have been selling their malware products to others lacking the skills. This ‘crime-as-a-service’ has become very popular and more variants and services are becoming available. Ready-to-use ransomware kits are particularly popular and cryptocurrency mining malware is on the increase. While it may not lock up your data, this cryptocurrency mining malware exploits your systems’ processing power and can cause a significant headache for businesses.

This opportunistic targeting is simple and cheap, and will continue as long as organisations and individuals fail to implement baseline security.

We can therefore expect to see more unsophisticated malware attacks with widespread effects, particularly targeting known network vulnerabilities.

2.  Increased sophistication will be used to target high-value networks

With social engineering techniques soaring to new heights we will likely see some of the most sophisticated targeting of high-value networks, fooling even the most informed individuals. Legitimate communications are becoming almost indistinguishable from social engineering attempts. Robust technical controls will be increasingly important to protect networks from this kind of malicious cyber activity.

Critical infrastructure and critical services will likely continue to be a popular target for sophisticated attacks, to either cause disruption or extort money.

3.  Supply chain targeting will continue to be popular as third parties prove to be a weak link

Sophisticated cyber activity against third-parties—vendors that provide services to a company or agency—will likely increase.

As it has become more difficult to directly compromise high-value targets, adversaries are seeking secondary or tertiary access to those networks. Companies that provide products or services through outsourcing arrangements are highly attractive in this regard. The extent of the threat is largely dependent on the relationship between the outsourced provider and customer, in particular the extent of the provider’s access to client networks and databases.

Managed service providers will continue to be particularly attractive targets as they have a broad range of customers, connectivity and access to their customers’ networks and data.

4.  Internet of Things (IoT) will create further risks

The risks associated with IoT will continue to grow as more and more smart devices, gadgets and equipment flood the market alongside new attack surfaces being exposed in autonomous systems such as self-driving vehicles.

In 2018 we expect to see more consumer pressure on manufacturers to include security controls while businesses grapple with what information is leaving their organisation, the legal exposure they may face and the risk to their networks.

Additionally, adversaries are likely to continue exploring IoT devices (such as CCTV and HVAC units) as an attack vector for air-gapped systems in government and industrial networks.

Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Gartner: By 2023, 65% of the world will have personal data covered under modern privacy regulations
“Security and risk management (SRM) leaders need to help their organisation adapt their personal data handling practices without exposing the business to loss."More
Story image
Gartner: Security leaders must balance risk, trust and opportunity
Security and risk leaders must focus on balancing risk, trust and opportunity to help maintain the ability of their organisations to function.More
Story image
Fortinet SOARs to new heights of protection on the wings of AI & automation
Jon McGettigan, Fortinet A/NZ Regional Director, talks about SOAR (security orchestration, automation and response) and explains that effective SOAR starts with your security policy.More