For your viewing pleasure we filmed My Security TV at AusCERT 2012 on the Gold Coast in May.
Check out the 8 x Videos or a 1 hour TV Special at the AusCERT 2012 playlist – available at http://www.youtube.com/playlist?list=PL4D676FA0A749B694
Editor’s Desk – AusCERT 2012 Key Take Aways
The key takeaways for me was that the cyber threat is clearly getting larger and there is a great deal of activity in the cyber security sector, with major acquisitions by HewlettPackard, Dell and Northup Grumman. These major brands are entering the IT security market by buying up regional IT Security brands and key security service providers.
Note also I used the term ‘cyber threat’. As of 2012/13 – designing cyber and corporate security systems requires a threat and criticality orientated model. The threat appears to be increasing and exponentially so. This requires C-suite management (or higher) attention.
It is only by adopting a ‘threat’ mindset will you ensure appropriate mitigation is taken. A modern company relies on communications and cyber networks – and hactivists, criminals and terrorists are also online. The magnitude and seriousness (or sophistication?) of cyber crimes being committed is clearly reaching new heights.
To reinforce the general message or theme I perceived at AusCERT 2012, the U.S. Industrial Control System Cyber Emergency Response Team (ICS-CERT) has also experienced a dramatic increase in the number of reported cyber-security incidents against critical infrastructure operators between 2009 and 2011.
In 2009, ICS-CERT fielded 9 incident reports. In 2010, that number increased to 41. From the previous annual incidents of 9, then 41 and 2011, it grew to 198. Of those 198, seven resulted in the deployment of onsite incident response teams from ICS-CERT, and 21 of the other incidents involved remote analysis efforts by the Advanced Analytics Lab. All totalled, ICS-CERT performed 17 onsite assessments during 2009, 2010 and 2011, including seven last year. The most common attack vector for network intrusion was spear-phishing, which accounted for seven of the 17 incidents. “Sophisticated threat actors” were tied to 11 of the incidents, with the goal in several cases being the theft of data. Full report available.
Sony corporation is another case in point. Following Sony taking civil action against a hacker, the company was subjected to retaliation attacks – but not just one or two – the company was hit with over 200 direct online attacks and the P3 online gaming platform was shut down for a month! Bam!!!! Take that!
The group ‘Anonymous’ has even had the gaul to hack into a teleconference between Scotland Yard and the FBI discussing strategies to be taken against Anonymous members, including details of arrests and locations. Anonymous then posted a recording of the call on Youtube.
Other stories included Mexican cartels inserting young students into expensive American schools to study computer science and connect with as many other students as possible on Facebook – the aim is to collect mountains of personal data on future potential targets – including human trafficking. Reports include a young girl being kidnapped and taken across the border on order. She was eventually rescued.
Interestingly, Cartels have also had reported standoff cyber conflicts against Anonymous – following the kidnap of an Anonymous member by the cartel, Anonymous hacked into the cartel’s online networks in a counter strike. Anonymous uncovered the cartel members and their locations and threatened to disclose them to police unless their member was freed. In retaliation the Cartel threatened to kill 10 people for every one cartel member turned in by Anonymous. Anonymous stood down.
There is a rapid learning curve underway within government, intelligence, law enforcement and corporate circles to get back in front of the game. Even cyber criminals struggle to keep up in real time. Some estimate that currently the blackhats are between 6 months and 5 years ahead of the whitehats and the race is on to stem the flow and take back cyber control. I’m concerned!
As a corporate security advisor, the residual internet and cloud based systems coming online have a fundamental need to fully integrate security and must be integral to their overall design. This is easier said than done. Security can never be relied on to be 100%, and less so in the cyber environment. Stay tuned as the APSM will continue to cover cyber resilience as a key element of the modern security discipline. And it’s changing fast!
NEW BOOK & DOCUMENTARY: SECURITY IS FUNDAMENTAL TO US ALL
My co-authored book Corporate Security in the Asia Pacific Region: Crisis, Crime, Fraud & Misconduct (CRC Press, Taylor & Francis Books) is the culmination of five (5) years work of writing projects, eloquently pulled together and polished by Dr. David Brooks, a renowned security expert, colleague and former senior academic at Edith Cowan University. This book examines security related issues, including regional geo-political activity and influence of the myriad of external and internal risks faced by modern corporate operations and security departments, with case studies and country reviews.
In addition, the self-made documentary, 11YRS AFTER 911, was filmed during travels across the USA in April 2012. The video is a montage of interviews with experts in law enforcement, counter terrorism and security management. The video examines the role security plays in modern society and how it has come to be professionalised, in particular in the post 911 era. Hope you take the time to subscribe to My Security TV.
