[BreachExchange] Surge in cyber attacks on Australian business as criminals franchise business

Tue Oct 10 20:30:48 EDT 2017

http://www.afr.com/news/surge-in-cyber-attacks-on-australian-business-as-
criminals-franchise-business-20171009-gyx40n

A growing number of Australian businesses – including those providing
critical infrastructure and national security – are falling prey to
increasingly elaborate scams and attacks orchestrated by cyber criminals.

Cyber criminals have become so successful they are franchising their
software, Minister Assisting the Prime Minister for Cyber Security Dan
Tehan will reveal on Tuesday when he launches a new report warning the
public of the threats lurking online.

"Business is booming for cyber criminals and criminals are treating cyber
as business," Mr Tehan will tell the National Press Club according to
speech notes.

With local companies among those affected by two global cyber attacks in
2017, the Australia Cyber Security Centre identified 47,000 cyber incidents
affecting individuals and businesses in the past 12 months, a 15 per cent
increase. More than half were online scams or fraud, which was up 22 per
cent.

According to the centre, 7238 incidents affected major businesses, while
there were a further 734 cases involving critical infrastructure or
national interest service providers, such as utilities companies,
communications networks, transport providers and financial services.

"Most concerning is that these attacks were more elaborate than the attacks
we have seen in previous years," Mr Tehan will say.

But Australia's cyber police are also seeing an increasing number of
non-traditional victims targeted, with attacks on automotive, accommodation
and hospitality businesses rising by 50 per cent.

National security

Mr Tehan will also reveal the Australian Signals Directorate responded to
671 serious cyber incidents involving government systems.

In one case he will highlight, in November last year a "malicious cyber
actor" compromised the network of a small company contracting to national
security projects and stole a "significant amount of data" over an extended
period.

"Analysis showed that the malicious actor gained access to the victim's
network by exploiting an internet or public-facing server, which they
accessed using administrative credentials," he will say.

"Once in the door, the adversary was able to establish access to other
private servers on the network."

The centre worked with the company to fix the breach and remove the cyber
attacker.

Mr Tehan will say email phishing scams cost Australian businesses more than
$20 million last year, up from $8.6 million a year earlier. In one case,
fake invoices cost one unnamed large Australian business more than
US$500,000.

Mr Tehan will also say authorities have now seen evidence of cyber threat
software and hardware being sold to other operators who lack the skills to
create them scratch.

"The days of the cyber threat being deployed by a hooded computer geek in a
basement are over," he will say.

"Sophisticated organised criminal networks are taking control and
franchising their business model. Ransomware, data-theft, spyware and other
infrastructure can be purchased on the darkweb by anyone with an internet
connection."

Mr Tehan will say the number of cyber attacks is likely to be
underreported, with some businesses reluctant to disclose they suffered a
cyber attack because of the risk of damaging their reputation. But he will
urge corporate Australia to break its silence.

"Each day, there are Australian businesses that are being robbed, held to
ransom, or shut down," he will say.

"In the next 12 months, there will be more globally significant attacks.
There are new cyber threats on the horizon, such as cyber terrorism. They
all pose a danger of financial and social damage."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20171010/909d54b3/attachment.html>