James Sankar, AARNet’s Director, Enterprise Services reports:
AusCERT2013, the 12th annual AusCERT Information Security Conference was held from 20th-24th May 2013 at the RACV Royal Pines Resort on Queensland’s Gold Coast, Australia.
The theme for AusCERT2013 was “This time, it’s personal”, reflecting the growth in attacks and unauthorised disclosures of online personal information. Motivated by illicit financial gain, cyber criminals obtain unauthorised access to personal information, but more and more, we are seeing data disclosures being posted publicly by attackers for political motives, rather than financial gain.
Overall AUSCERT 2013 was an impressive conference that covered technical and strategic topics of interest. The security industry offers a number of products and services but relies on the mutual sharing of incidents and vulnerabilities when attacks are widespread.
Michael T Jones, Google’s Chief Technology Advocate explained the importance of two factor authentication with mobile phone SMS messages alongside default secure http webpages to improve secure searches. Google has gone further to inform users of any links that are known to include malware.
See https://www.virustotal.com/en/ for free checking of files and websites using over 300+ products with the aim to raise the bar for vendor and end user awareness.
HD Moore, Chief Security Officer at Rapid7 and Chief Architect of Metasploit presented his latest research on global vulnerability analysis where through the use of bot.nets, trace routes and reverse DNS he collated glaring security holes translated into a global map highlighting 18 most exposed ports, interestingly the Australian results showed less than 20% relative deviation for any service when compared to global results.
Key vulnerabilities include:
Mark Fabro, President and Chief Security Scientist, Lofty Perch, Inc provided insight on SCADA (supervisory control and data acquisition), a type of industrial control system (ICS) which if attacked increases the potential for physical real world impacts. The energy sector is high risk for command and control systems exploitation.
See the World Economic Forum Cyber Vulnerabilities report for more detail at http://www3.weforum.org/docs/WEF_IT_PathwaysToGlobalCyberResilience_Report_2012.pdf
Companies need to consider not only their own networks and infrastructure but also their supply chain and any services sourced from cloud computing service providers where interdependencies could create the unthinkable if proactive planning through threat tree scenarios is not developed to mitigate future attacks.
Applying cyber kill chain allows attack behaviours to be identified and managed. See http://www.digitalbond.com/blog/2011/11/22/applying-the-cyber-kill-chain-to-ics-part-1/ for more.
Marcus Ranum, Chief Security Officer, Tenable Network Security gave a refreshing talk on how the military rhetoric in cyber security is misplaced through demonstrations of real world war examples over the ages that simply do not make sense in cyberspace. He notes that Cyberwar was simply a move to keep traditional machines of war in business.
Today, network engineers are on the frontline as espionage offers a more effective avenue in cyberspace. Distributed warfare is making everyone the frontline. Marcus recommends reading http://www.amazon.com/Lic-2010-Operations-Unconventional-Brasseys/dp/0080359825 for those more interested in this subject.
The growth in targeted, personal and insurgent-like one-off attacks that have moved from pranks to criminal gain (financial or espionage) places new demands on all employees and executives to increase their awareness of security issues for accessing third party services, bring your own devices and industrial control systems that have physical impacts on the way we live and work.
Securing competitive advantages in a highly competitive global world is being impacted through espionage and disruption.
Mar 28, 2017
Three AARNet staff members were among around 200 members of the scientific community attending this year's annual Science Meets Parliament event (SmP2017) in Canberra on 21 and 22 March. The two-day gathering is hosted by peak body Science & Technology Australia (STA) and included a day of professional development, a...
Sep 16, 2016
Enabling Data Flow between HASS and GLAMs Workshop When: Friday 14 October Where: Pullman - Albert Park, Melbourne AARNet Presenters: Ingrid Mason. Deployment strategist (eResearch), Chris Myers. Solutions consultant (architecture and applications), Hilary Goodson. Strategic engagement (customer relations), Guido Aben. Director (eResearch) . We're holding a half-day Workshop will be held at the eResearch Australasia Conference...
Sep 13, 2016
Registrations are now open for AARNet's Science DMZ workshop When: 10 October 2016, 9.30am to 4.30pm Where: Pullman - Albert Park, Melbourne Presenter: Chris Myers - Solutions consultant (architecture and applications) for AARNet. This is a pre-conference workshop for the eResearch Australasia Conference , on 10-14 October 2016. The workshop will give attendees an overview...