Are you prepared? Mobility opens doors to new wave of cyber attacks

Security on the Move was the subject of a recent AusCert workshop. AARNet’s Director, Enterprise Services, James Sankar was there and reports on the highlights:

Bring Your Own Device (Android) and Social Media (to trawl and impersonate identities for ID theft and to spread malware by URL links) are key threats facing a more complex, diverse and mobile computing environment.

 Processes for data breach notifications

Mandatory breach legislation has been delayed until after the election but companies should prepare processes today – http://www.oaic.gov.au/privacy/privacy-resources/privacy-guides/data-breach-notification-a-guide-to-handling-personal-information-security-breaches

 Some of the latest cyber threats

• Ransomware is on the rise – attackers gain unauthorized access, encrypt data and freeze business processes and operations until a ransom has been paid.

• Unauthorised access can occur where key staff or key suppliers and partners are targeted.

• Secure deal rooms are emerging as attackers want access to data that could either influence deals or seek financial gain by accessing inside information that could affect share prices.

• Open Source bot.net kits that can find and exploit vulnerable devices are cheap and customizable. Access to a robust network and security devices alongside regular security reviews can help but may not prevent attack such as zero day attacks.

• Watch this video: APNIC 36: AusCert’s Parth Shukla introduces the Carna botnet

  IT Security teams need to act as educators for business

• IT security teams should inform on security options, help identify risks and impacts and assist with solutions to help drive online business
• security should be based on the Pareto 80/20 rule – prioritise investment in 80% of potential threat areas and attack vectors, it’s too costly to aim for 100% and better to note the risk and design with the expectation that you will incur a security breach with clear processes in how to deal with that.

Securing Domain Name Services

Nomium and Sophos announced a partnership designed to secure Domain Name Services (DNS) by adding Sophos threat detection to the DNS so that phished URLs can be detected and blocked.  This simple deployment offers a step check which involves a common query to access a website or content.

Further research into the global supply chain, from components to device manufacturers may be a next step to addressing these threats as built vulnerabilities.

AusCert is working with AARNet to develop new services to help the research and educational sector better prepare for the future, for more details please contact James Sankar at AARNet (consulting@aarnet.edu.au).