
The future of cybercrime in Australia – ESET

15 Jul 2019

Article by ESET senior research fellow Nick FitzGerald

I must admit that this article’s title is a ruse!

You see – and at the risk of offending the fair residents of the Lucky Country – there is little specifically Australian about any cybercrime or the directions it follows as it develops and expands.

Surprised? It’s right there in the name: “cyber” basically means “of computers, IT, or the internet”.

Although its copper and fibre tendrils must be physically present so connections can be made, the internet is really an ethereal collection of protocol definitions allowing computers to interconnect and communicate more or less flawlessly.

Thus, a computing device in any physical location is not fundamentally different from any other connected to the internet, and all are approximately equally accessible from anywhere.

Of course, that does not mean cybercriminals necessarily attack connected devices indiscriminately.

They occasionally do, such as when we see any and all accessible IoT devices recruited into DDoS botnets or when mass-spreading computer worms proliferate.

However, that is not the usual modus operandi.

Computers located in specific countries (or containing the data of organisations from specific countries) may be more attractive to cybercriminals because those countries are richer and thus, on average, their institutions will have more to lose.

However, that’s a very broad-spectrum observation and hardly rates as “deliberate targeting” beyond the simplistic level suggested by infamous US bank robber Willie Sutton who, when asked why he robbed banks, reputedly answered “Because that’s where the money is”.

Some cybercriminals are primarily driven to compromise specific targets for their geopolitical significance to the attackers, or those funding them.

These attacks will continue so long as the target seems worthwhile and the attackers have funding to continue their work (read: forever).

This is essentially the extension of nation-state spying into the computer realm, and is unlikely to feature in the risk modelling most of us will be doing.

Other groups (some are also state-sponsored, others presumably competitors) target specific companies for their intellectual property (IP).

The remainder are generally more opportunistic, plucking low-hanging fruit readily identified with search tools such as Shodan or using intelligence purchased on the black market.

These cybercrooks typically focus on infiltrating networks and stealing money through fraudulent bank transfers and the like, or on document and IP theft driven by the hope that they will subsequently be able to find a buyer for their haul.

So how do you protect yourself against these diverse groups of cybercriminals?

Careful, ongoing risk modelling should inform you of the likelihood your organisation will be in the actual or probabilistic crosshairs of these various groups.

Of course, you already have standard endpoint protection, suitable firewalls and other network protections, 2FA and backup solutions in place.

However, depending on how much greater a threat these more organised and motivated groups might pose, you may be inclined to consider endpoint detection and response (EDR) solutions and/or threat intelligence services.

Both can help improve your ongoing risk analysis, and EDR solutions provide unprecedented visibility into your company network and the ability to perform complex anomaly detection and remediation, locate policy violations and more.
