Cybercrime is not something that is just happening to the other guy; it is a real and present danger to us all, right here, right now in Australia. The threat is incredibly serious — and growing.
With our lives becoming more heavily dependent on digital communications and digital systems, cyber intrusions are becoming more commonplace, more dangerous, more sophisticated. Criminal adversaries daily target our nation’s critical infrastructure, including both private and public sector networks. Australian companies are targeted for trade secrets and other sensitive corporate data, and universities for their cutting-edge research and development.
Fraudsters and identity thieves target citizens and our children are targeted by online predators. This means enhancing the Cyber investigative capacity of all our National Law Enforcement services with a priority to sharpen their focus on intrusions into government and private computer networks.
The collective impact is staggering. Billions of dollars are lost every year repairing systems hit by such attacks not to mention the cash and intellectual property that is stolen. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and OOO services around the country, and we the public probably only know a very small amount of what is really happening.
Recently The Nine Network was at the centre of the largest cyber-attack on a media company in Australia’s history, it brought network’s news production systems around the country to a grinding halt for more than 48 hours.
Television and digital production systems were crippled. The 9news.com.au site, was also affected. The nature of the cyber-attack — and if it is criminal sabotage or the work of a foreign nation — is still being investigated.
It has been described as ‘a sophisticated and calculated attack and has fundamentally disrupted how the network delivers and presents news’.
Nine, said ‘the attack was affecting the network’s ability to produce news and current affairs, forcing contingency plans to be put in place’.
It is still working with the Australian Cyber Security Centre in order to resolve the issue, but there are concerns it could take weeks/ months to restore it too normal. I shudder to think just how much it will cost to repair.
Last year alone there were 60,000 reports of cybercrime in Australia – that is one attack every 10 minutes.
So, who is behind such attacks? It runs the gamut from computer geeks looking for bragging rights to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets to spies and terrorists looking to rob our nation of vital information or launch cyber strikes.
Blame is also sheeted toward unfriendly foreign Nations who are out to disrupt and or destroy our way of life.
These computer intrusions – counterterrorism, counterintelligence, and criminal – are happening, but we don’t pay too much attention because it is all at arm’s length. But here’s a case where we all might well say “there but by the grace of God go I”
I recently a had chat with one of Australia’s leading commercial television production houses and I learnt that they had just been a victim of a cruel and expensive cyber hack.
The crime went down like this.
“To give context to our experiences with cyber fraud, our email systems were hacked into. The criminals then proceeded to monitor our communications and send emails posing both as us, and also the clients we work with. They were systematic, observant and covered their tracks.”
“The whole saga began when we received a double payment from one of our international clients, of course we shot them an email to let them know of the mistake and we asked them to send over their bank details for us to transfer the funds back to them. At this point the conversation was hijacked and we received an email from the hackers, posing as the client, directing us to make payment into the bank account details they provided.”
“What followed was a back and forth with the ‘hackers’ systematically sending and replying to key emails, deleting their sent emails, and generally stalling for time. There were communications between the ‘hackers’ bank and our bank, but we weren’t informed it was suspicious, and therefore didn’t think anything of it.”
“It all came to a head around 4 weeks later when we were contacted by the client letting us know they never received the money, and then subsequently by our bank to say they thought the transaction in question might be fraudulent.”
“At this point it was all too late, the money was gone weeks ago. As cybercrime is a rapidly developing field the process of getting answers, let alone retrieving the money, has been pretty arduous.”
“Once we found out what had happened, we took all of the appropriate measures; tightening up our security, investing in the appropriate level of cyber protection, acquired some additional insurance policies and made sure to let people in the industry know. From what we’ve heard, this kind of smart, insidious crime is running rampant overseas, and we want to make sure no one gets stung like we have.”
“By the way we are not talking of a petty cash amount, we’re talking of a six figure number.”
With this information in hand we then spoke with an expert in Internet Security.
Here is what they had to say:
How to Protect Your Computer
Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is pre-packaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
Install or Update Your Antispyware Technology: Spyware is just what it sounds like – software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.
