
Cover Feature

National security reforms needed before the Internet of Things

The halfway approach putting all Australians at risk: why it’s time to decide if security technology should or shouldn’t be regulated by Police and Fair Trading Departments

By Chris Cubbage, Executive Editor

This article concerns the inadequate and unworkable legislation affecting the physical and cyber security sectors in Australia. State-based legislation is being applied when a national approach is required, and reform is urgently needed as the convergence of physical and cyber security systems continues rapidly towards the Internet of Things.

In early October, the US government formally accused Russia of hacking the Democratic party’s computer networks and said that Moscow was attempting to “interfere” with the US presidential election. The accusation marks a new escalation of tensions with Russia and came shortly after the US secretary of state, John Kerry, called for Russia to be investigated for war crimes in Syria.

Then there is Ukraine. The December 2015 Ukraine power outages, referred to in the ACSC Threat Report 2016, highlight the “vulnerabilities of critical infrastructure to sophisticated adversaries. In a well planned and highly coordinated operation, an adversary successfully compromised and affected the systems supporting three power control centres, taking down 30 substations and leaving over 225,000 Ukrainians without power for several hours. The adversary also delayed restoration efforts by disabling control systems, disrupting communications and preventing automated system recovery. These effects were the result of over six months of planning and involved a range of activities, including compromise through spear phishing, the theft of user credentials through key loggers, and data exfiltration.”

In late September, security researcher Brian Krebs' site KrebsOnSecurity was knocked offline by one of the biggest DDoS attacks ever recorded, which peaked at 620 Gbps. The most crucial distinction from a normal DDoS strike was that the bots were mostly IoT devices. The majority of the estimated 145,000 devices were CCTV cameras and DVRs. Many of these were using either default passwords or easily guessed ones ("1234," "password," "admin").

In the ACSC Threat Report 2016, a case study described how the ACSC was notified of a cyber intrusion on the corporate network of an Australian critical infrastructure owner and operator. The report stated that “CERT Australia led the ACSC’s incident response, working alongside the AFP and ASD to determine the extent of the compromise and the identity of the responsible actor. Working onsite with the victim, the AFP identified a significant amount of data had been stolen from the network, including sensitive information relating to the organisation’s

ChiefIT.me Magazine - Nov/Dec 2016  