Story image

CERT Australia reveals this year's cybersecurity challenges

27 Feb 2018

Australia’s Computer Emergency Response Team (CERT) has analysed the trends and revealed what it believes will be the country’s biggest security challenges this year, and vulnerability exploits are at the top of the list.

The watchdog says that malicious activity against Australian enterprises is increasing in frequency, scale, sophistication and severity – a dangerous combination when paired with the reach and diversity of evolving threat actors.

While the Notifiable Data Breaches Act and the GDPR may clamp down on privacy infringements, businesses still remain under pressure to remain resilient, CERT says.

Criminals will continue to exploit known vulnerabilities; social engineering will craft sophisticated networks; supply chain targeting will go after third parties; and the Internet of Things will continue to present growing risks.

Here’s what CERT Australia has to say.

1.  Would-be crims will grow in number exploiting known vulnerabilities

For some time, cyber criminals have been selling their malware products to others lacking the skills. This ‘crime-as-a-service’ has become very popular and more variants and services are becoming available. Ready-to-use ransomware kits are particularly popular and cryptocurrency mining malware is on the increase. While it may not lock up your data, this cryptocurrency mining malware exploits your systems’ processing power and can cause a significant headache for businesses.

This opportunistic targeting is simple and cheap, and will continue as long as organisations and individuals fail to implement baseline security.

We can therefore expect to see more unsophisticated malware attacks with widespread effects, particularly targeting known network vulnerabilities.

2.  Increased sophistication will be used to target high-value networks

With social engineering techniques soaring to new heights we will likely see some of the most sophisticated targeting of high-value networks, fooling even the most informed individuals. Legitimate communications are becoming almost indistinguishable from social engineering attempts. Robust technical controls will be increasingly important to protect networks from this kind of malicious cyber activity.

Critical infrastructure and critical services will likely continue to be a popular target for sophisticated attacks, to either cause disruption or extort money.

3.  Supply chain targeting will continue to be popular as third parties prove to be a weak link

Sophisticated cyber activity against third-parties—vendors that provide services to a company or agency—will likely increase.

As it has become more difficult to directly compromise high-value targets, adversaries are seeking secondary or tertiary access to those networks. Companies that provide products or services through outsourcing arrangements are highly attractive in this regard. The extent of the threat is largely dependent on the relationship between the outsourced provider and customer, in particular the extent of the provider’s access to client networks and databases.

Managed service providers will continue to be particularly attractive targets as they have a broad range of customers, connectivity and access to their customers’ networks and data.

4.  Internet of Things (IoT) will create further risks

The risks associated with IoT will continue to grow as more and more smart devices, gadgets and equipment flood the market alongside new attack surfaces being exposed in autonomous systems such as self-driving vehicles.

In 2018 we expect to see more consumer pressure on manufacturers to include security controls while businesses grapple with what information is leaving their organisation, the legal exposure they may face and the risk to their networks.

Additionally, adversaries are likely to continue exploring IoT devices (such as CCTV and HVAC units) as an attack vector for air-gapped systems in government and industrial networks.

WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
Flashpoint signs on emt Distribution as APAC partner
"Key use cases that we see greatly benefiting the region are bolstering cybersecurity, combating insider threats, confronting fraud, and addressing supply chain risk, to name a few."
The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.