ARN

Getting on top of the security landscape

The recent cyber-attack on the Australian Federal Government computer system network highlights the growing risk of data compromise.

The recent cyber-attack on the Australian Federal Government computer system network highlights the growing risk of data compromise.

And things are only likely to get worse. The 2019 Symantec Internet Security Threat Report found web attacks increased 56 per cent year-on-year, mobile ransomware was up 33 per cent, and the number of attack groups using destructive malware increased 25 per cent.

As organisations from small businesses to large enterprises become increasingly aware that cyber security is a business issue and not an IT issue, they are looking to establish complex security solutions that can handle cloud, hybrid, and on-premise environments.

Arrow ECS works closely with Symantec and resellers to help organisations grapple with this increasingly complex threat environment. Through this partnership, Arrow ECS has invested heavily in developing value-adding services to support channel organisations, through pre-sales, engineering, and in getting on top of the security landscape.

The changing philosophy of the hacker

According to the Internet Security Threat Report, the philosophy of hackers has shifted. They are becoming stealthier and more ambitious. From government to the largest enterprises, hackers are taking on the toughest targets.

And they are changing how they operate. Some of the hacking groups Symantec has outed no longer use malware to conduct their attacks. Malware can be identified and associated with a group, which makes it easier to deal with once it has been discovered. As a result, some hacking groups are turning to alternatives such as ‘living off the land’ attacks. They aren’t new, but they are becoming popular again.

In a living-off-the-land attack, the hacker uses off-the-shelf tools and operating system features to conduct the attack. Because it is disguised as a legitimate process it often goes unnoticed.

Hackers are also exploiting security weaknesses in newer technologies. S3 buckets, a public cloud storage resource, were targeted in 2018 and as a result 70 million records were stolen or leaked. In the IoT space, the ongoing challenge with securing routers – which account for 75 per cent of IoT attacks – saw the emergence of VPNFilter. It has already infected more than 500,000 routers.

The situation in Australia

Other key findings of the Internet Security Threat Report included:

Australia is a leader in the frequency of malicious emails – one in every 728 emails is defined as malicious. This puts Australia in 42nd place globally despite the country only having a population of just over 25 million (55th in terms of total population count).

In some sectors, the rate of malicious emails out-performs the global average of one in 412. For example, the malicious email rate in mining is one in 332. Australia’s wholesale trade sector came in at one in 363.

Significantly, given the increasing importance people place on mobile phones, Australia is a top 10 target for mobile malware; with 1.9 per cent of threats, the country is placed 7th globally.

The depth and breadth of threats outlined in the Symantec Internet Security Threat Report demonstrated the value Arrow ECS provides to the channel.

What can Australian individuals and organisations do to protect themselves?

In addition to adopting quality security solutions and ensuring they are maintained throughout the home or organisation, there is a lot of best practice Australians should be aware of. For example, 37 per cent of malicious emails have a simple .doc filename attachment, and 15.7 per cent are dressed up as a bill.

Australia also ranks 22nd in the world for email phishing scams. The most effective way to manage such threats is to ensure all employees are educated in security best practices such as carefully looking at the sender of an email, recognising a suspicious attachment and identifying other warning signs.

One of the common threats the Internet Security Threat Report highlights is that attackers assume an organisation will have robust security in place. Their goal is to find ways around it. Unfortunately, it only takes one mistake to expose an organisation. And that is why everybody needs to think security first.

To download the full Symantec Internet Security Threat Report, click here.