[BreachExchange] Sharp rise in cyber scams and attacks

Audrey McNeil audrey at riskbasedsecurity.com
Tue Oct 10 20:30:57 EDT 2017


http://www.theaustralian.com.au/news/latest-news/defence-
contractor-had-it-systems-hacked/news-story/31bac8182430f062a7e6b3872f6775
6a?nk=7a7e14cf4b93b34637517cbcf56c93b1-1507648687

An Australian defence contractor is among the victims caught up in online
scams and fraud incidents which Australia's cyber security watchdog says
increased by 15 per cent in the past year.

The Australian Cyber Security Centre's 2017 Threat Report, released on
Tuesday by the minister responsible Dan Tehan, identified 47,000 cyber
incidents over the year - half of which were online scams or fraud.

Among the attacks was a serious breach of the computer system of a defence
contractor in November 2016.

Mr Tehan said in that incident, revealed for the first time on Tuesday, a
significant amount of data had been stolen and the ACSC watched as the
attacker accessed the network.

"Analysis showed that the malicious actor gained access to the victim's
network by exploiting an internet or public-facing server, which they
accessed using administrative credentials," the minister said.

"Once in the door, the adversary was able to establish access to other
private servers on the network.

"The ACSC worked with the affected company to remediate the compromise,
remove the malicious actor and provide tailored advice on how to prevent
this happening in the future."

The ACSC also reported 7283 of the cyber security incidents affected major
Australian businesses.

Mr Tehan said online attacks on private sector systems of national interest
and critical infrastructure were also becoming more elaborate and
sophisticated.

"Business for cybercriminals is booming across the nation and it is
impacting all of us," Mr Tehan told the National Press Club in Canberra.

The solution lay in more government agencies, businesses and individuals
reporting attacks and cooperating to improve cyber security.

One of the biggest global threats over the year was the WannaCry ransomware
attack, which impacted more than 200,000 people and created economic losses
in the hundreds of millions of dollars.

However, small businesses were also being affected.

Mr Tehan says business email compromise in Australia had cost an estimated
$20 million over the past year.

The typical example involved a criminal gaining access to a business' email
system, intercepting emails such as invoices and forging them to redirect
money to another bank account.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20171010/0fcd7418/attachment.html>


More information about the BreachExchange mailing list