MELBOURNE –- Two thousand and twelve is the year of cyber crime on all levels, from individuals and hactivists, to organizations and countries, contends cyber securities expert Dr. Mark Gregory.
“There has been a continual ramping up — 2012 is the first year where cyber attack and cyber defense is the norm, and part of our everyday life,” he said.
This week, the Australian Federal Police (AFP) issued a warning that online attacks on companies are becoming more common, following a cyber attack that forced the ANZ and St George banks to shut down their online broking sites.
In the Middle East, the Israeli Government has threatened retaliation over a recent cyber attack, in which a hacker published the credit card details of thousands of Israelis. The Israeli Deputy Foreign Minister described the attack as a “breach of sovereignty comparable to a terrorist operation.”
And in a major security breach overseas, hackers have revealed online thousands of British email addresses and encrypted passwords, including those of defense, intelligence and police officials as well as politicians and Nato advisers.
“There’s great evidence out there, postings and information from government officials that show countries are building attack and defense capabilities and that organizations are doing the same thing,” Dr. Gregory said. “There are also multinational criminal organizations building tools, and of course, you have the hactivist, like Anonymous, LuzSec and other groups, that are becoming fairly mature.”
Dr. Gregory explains that cyber crime occurs on three different levels:
One is a country or a group of countries attacking another country, where their purpose is to disable that country –the infrastructure, electronic systems, and key financial, government and defense systems. The next level is corporation to corporation where they are stealing secrets and IP [intellectual property], and another motivation is to shame that other company in the marketplace. Then there’s the hactivist — they fall into three groups: white, black and grey hats.
According to Dr. Gregory, cyber crime will become even more sophisticated this year. “To some extent, there’s a bottleneck effect,” he said. ”Hackers utilize automated systems to break in and collect information back to their servers, and they now use analysts to mine through the data to get the information they seek.”
For cyber defense teams, tracking down the hackers is become an increasing challenge. “There are thousands of people involved –- It’s hard to pinpoint where it’s coming from as it’s distributed all over the world. It’s similar to the drug gangs –- the cyber-criminal organisations are now fully organised like the Mafia and Yakuza — they’ve all diversified.”
And what can individuals do to protect themselves from these attacks? Dr. Gregory encourages us to be proactive. “In Australia, we have a fire plan for bush fires, so we should also have a security plan for how our families interact on the network,” he said.
He recommends a security plan which incorporates fire walls, anti virus, checking computers and changing passwords, and advises us to only use e-commerce and bank websites that offer second level security such as tokens or SMS verification.
Photo: John Pellino/DOIM MMB, Flickr