Our head of cyber security and risk, Marc Tapping warns ransomware is rampant and continues targeting consumers, business and government.
The most recent global ransomware event highlights just how fragile our systems really are, and equally how unprepared we were for what Marc says was really, a natural evolution in the increasingly sophisticated world of cybercrime and espionage.
"An intelligence agency sits on software vulnerabilities and code to exploit it for years; they get compromised somehow; the vendor is warned and interrupts its normal patch cycle to issue a fix; the information gets dumped online; cybercriminals develop a way to make money from it; and real impacts are felt worldwide with the obligatory media frenzy. I’ve read a few books that follow a similar pattern,” says Marc.
Many examples of ransomware are indiscriminate but others are clearly targeted based upon the sums being demanded in payment. What has caused this? Perhaps digital currency, because it has almost single-handedly enabled criminals to monetise their activities with a very slim chance of being tracked and held accountable.
"The days of the stand over guy are over when criminals in any part of the world can extort, transfer and access money so easily”, says Marc.
Criminal groups are organised and sophisticated; they have access to highly talented people either directly or indirectly using ‘crime-as-a-service’ type arrangements. Marc says, “I imagine that almost everyone knows someone or of someone who has been impacted by these types of activities; the media is full of it, government is challenged by it, and law enforcement is stretched by it”.
Marc believes awareness levels need to be raised, that we should be prepared to tell the public the true scale of the problem and the types of organisations being impacted to effectively get the message across.
Next year the Australian Government will be rolling out the Notifiable Data Breaches scheme and this should help open up the conversation. The scheme will ensure affected individuals are notified about serious data breaches where their information has been disclosed.
“Other traditional measures like patching applications and operating systems, disabling macros on documents, creating strong passwords, not reusing your passwords, keeping a current backup of data offline, all help too”, says Marc.
“To appreciate the size of the problem, we only need to look back to 2014 when the United States Office of Personnel Management was breached by nation state actors. As the threads were pulled byincident responders and information released, the scale of it was almost unbelievable.
Whilst this might not be the most media-attractive breach in comparison to Ashley Madison, Target, eBay, LinkedIn or Yahoo, it undoubtedly has the furthest reaching impact”, says Marc.
Anyone who has undergone a security clearance will understand just how much of your personal (including your family and friends) information is provided. “Consider this,” says Marc, “the home address, education, family members, financial, health, criminal, work history, travel, even the fingerprint information for millions of current (and former) US clearance holders and applicants was breached. We may not know the true impact of this for years to come, but I’m sure the intelligence agencies of the specific nation state actors are busy!"
It’s critical organisations understand the risks and take steps to protect themselves. They should understand what they need to protect, determine how best to protect it and maintain that state, be vigilant. “It’s not easy, clearly, so get advice from people who do this because despite what you read and what sales people will tell you there is no one-stop-shop for this, no fancy boxes with blinking lights, no quick fix,” says Marc.
No business and certainly nobody is immune. Saab Australia is offering advice and services to federal and state government agencies, technology companies, employment services, financial institutions, defence contractors, independent schools, national retail chains, universities, web developers, civil security, airports, law enforcement. For support with your business, give Marc a call on 08 8343 3800.
About Marc Tapping
After a spell on building sites and the UK Armed Forces he connected to the digital world as a mainframe computer operator, progressed to technical support, then networking in the 1990s. Up until 2010 he was heavily involved in managing and implementing networks, firewalls, intrusion prevention, proxies etc. He then moved direction and started performing vulnerability assessments, penetration testing and more generic information security consulting. Marc has multiple vendor and industry certifications and is a certified IRAP assessor with the Australian Signals Directorate.