Tag: cyber-safety

Why Cyber Security needs to be seen as a business risk – not just an IT problem

Telstra Vantage™ Cyber Security

Posted on October 10, 2017

4 min read

It seems like almost every week now there’s another high-profile and highly-damaging cyber security breach. In May, we witnessed a massive global ransomware attack that impacted thousands of businesses, for instance, while a breach of US credit rating agency Equifax exposed sensitive personal information from nearly half of the US population.

Security through obscurity is no protection, with malware and ransomware constantly disguised as legitimate business emails and Distributed Denial of Service (DDoS) attacks often affecting large numbers of small and medium-sized businesses that share the same Web host platform.

Telstra’s Cyber Security Whitepaper research found that some 59 percent of businesses across Asia and Australia detected business-interrupting security breaches on a monthly basis in 2016. Another survey, by the Ponemon Institute, found that an organisation has a one in four chance of experiencing a material data breach over the next two years, with the average total cost per breach at US$3.62 million. And these breaches often occur within minutes of an attack starting, according to security company Palo Alto Networks.

It’s no surprise, then, that cyber security featured prominently at the 2017 Telstra Vantage.

Trends

Numerous exhibitors were showcasing secure public and private cloud services, while a few focused on DDoS protection and several others offered platforms and tools built around network security and/or managed security services. There was even a company offering facial recognition solutions for automated staff time and attendance reporting (and other internal business processes that could benefit from biometric security) and real-time analytics for customer insights and personalisation.

There was a big stress across the show floor on automation — on automated network monitoring and threat filtering, to whittle down several hundred thousand potential threats to a manageable subset of half a dozen that require the attention of security staff, and on automated provisioning of security certificates, among other things.

But the main trend on show was for a shift to secure cloud-based data and applications with managed network security and tight collaboration between the customer, the government, and the service provider’s security operations centres.

Collaboration is key

Cyber threats have now reached a scale and magnitude that’s beyond any one organisation to manage. Vigilance is no longer enough, Telstra’s Asia Pacific Chief Information Security Officer Berin Lautenbach emphasised during a talk at Vantage. You can’t just look for virus signatures and other known threats; the danger now lies in the unknown, the unusual activity and unrecognised software and infrastructure exploits.

The future of cyber security is collaborative — everyone sharing their security knowledge with the government and working together to rapidly identify and respond to threats. Telstra is looking to be a leader in this space. In August, Telstra officially opened its first two Security Operations Centres — one in Sydney and the other in Melbourne, with additional locations around the world planned for 2018.

Managed security services are traditionally the realm of large enterprise and government, but Telstra hopes to bring mid-sized companies into the fold in order to develop a kind of cyber herd immunity — to reduce the risks for everyone by gaining more data points and learning more about the strategies and techniques used by cyber criminals.

Cyber security risks start inside a company

All of these security measures may be moot if the people working for an organisation become lax in their security practices. The Ponemon Institute’s cost of data breach study found that 25 percent of data breaches were caused by negligent employees or contractors.

It’s not just about educating the core workforce, either, but also the senior executives and board members of an organisation — who need to see that security is a business risk.

Lautenbach said that IT staff around the world have twice failed to get this idea across. The first time, more than a decade ago, they went too technical, while the second time they dumbed it down to something along the lines of “it’s scary and you need to give us money.” This time, he explained, we need to make it about asking the right questions — beginning with “what’s important to the company?”

By getting every level of an organisation on board with the same cyber security strategy, Lautenbach stressed that it becomes easier to manage risk. Not only in preventing breaches but also in responding to them, at which point consistent messaging becomes vital to retain customer trust.

The opposition works as a team, he said, so it’s incumbent on technology companies to do the same.


Opening our new Security Operations Centres – 360 video

Cyber Security

Posted on August 24, 2017

2 min read

Today, we officially open the doors to our newest Security Operations Centre in Sydney, where we will offer our Enterprise and Government customers a more agile, intelligent and collaborative approach to cyber security. This is essential. At a time when we are seeing an unprecedented rate of cyber-crime in business, it has never been more important to understand and manage cyber risk, for ourselves, and for our customers.

Our state of the art Security Operations Centres provide 24/7, 365 priority access to our highly-skilled cyber security specialists. Our customers can not only see what we see, they can come in and work with us, learn with us, and influence how we develop our security products. Underpinning all of these activities is a powerful open source Managed Security Services platform that lets us tap into global innovation.

As Australia’s largest telecommunications provider, we have an obligation to deliver these kinds of services to market. But we know we cannot do this alone. In the wake of recent ransomware attacks globally, we believe that no one organisation can tackle the cyber conversation. Cyber security is a team sport and requires the collaboration of government, regulators, businesses and the community to develop solutions that help build resilience, cyber security and cyber safety for our people.

The Government has set the agenda with a cyber security strategy which we fully support. Now, our role is to help turn this intent into action by providing our customers with the products and services that will deliver a more secure operating environment for all Australians.

We’re excited to open the doors to our Sydney SOC, with Melbourne opening later this month, and an intention to launch globally in 2018.

Below you can watch a 360 tour of the SOC.



Cyber Security: Our 24 hour challenge to students isn’t a game

featured Cyber Security

Posted on July 13, 2017

1 min read

The 2017 Cyber Security Challenge prize-giving has wrapped up with one lucky team (UNSW team 1) heading off to Las Vegas for the globally renowned DEF CON conference.

The Cyber Security Challenge is a 24-hr ‘hacking’ competition where 310 students from 26 universities and TAFEs used their offensive and defensive hacking skills to break into a digital system. The theme for this year’s challenge was the Internet of Things (IoT), where virtualised devices were used to access and override sensitive information.

The challenge was designed to see if the students can do what a hacker would do, by identifying and exploiting vulnerabilities inside a digital system.

The Challenge was run by the Australian Government and supported by Telstra, other companies and industry bodies.

We’ve written about the cyber security risks with IoT devices before and continue to take cyber security incredibly seriously for both our customers and our wider business.

Cyber Security Challenge Australia

Find out more about Cyber Security Challenge Australia and encourage interested students from anywhere in Australia, particularly women and first year students, to form teams and get involved in 2018. For more information, contact cyberchallenge@pmc.gov.au


Cyber Security: Defence against the Petya ransomware outbreak

featured Cyber Security

Posted on June 30, 2017

3 min read

A ransomware outbreak dubbed Petya (NotPetya) has recently occurred stemming from Ukraine and infecting computers around the world.

This ransomware, like other malware of its type, uses encryption to hijack devices, promising to reverse the process on payment of a ransom.

As of the time of writing, global security research efforts are still ongoing into the Petya ransomware, but some facts and security defences can be recommended.

Organisations and individuals can minimise exposure and the spread of Petya using a few tricks:

  • Immediately apply Microsoft Server Message Block (SMB) patches (specifically MS17-010) and make patching a priority.
  • Be extra vigilant for possible phishing emails bearing attachments. Petya is not confirmed to have proliferated through malicious emails but it may in the future.
  • Disable SMBv1, PsExec and Windows Management Instrumentation (WMI), which can help limit the spread of Petya across networks.

The application of the Microsoft patch MS17-010 must be a priority. Cybercriminals are on closed-door crime forums claiming to have produced new financially-motivated ransomware that leverages the same EternalBlue vulnerability as Petya and WannaCry.

Victims infected by the first Petya ransomware variant should avoid paying the requested $300 ransom. The attacker’s email account has been disabled, meaning decryption keys can no longer be issued to victims who have paid, and any ransoms sent will be lost.

New variants may be created that have a functional ransom payment channel, but there is no guarantee that criminals will supply purchased decryption keys.

The Federal Government’s Australian Cyber Security Centre is monitoring the Petya outbreak and working with international counterparts. Large organisations affected by Petya should contact the Centre while small organisations are advised to contact the Australian Cybercrime Online Reporting Network.

Telstra business customers can contact their account managers with inquiries.

What is Petya?

Petya was initially so-named as it was first thought to be a variant of the original Petya which surfaced last year, but technical analysis reveals this is not the case. Some security experts are now referring to this ransomware as NotPetya.

The ransomware spreads using some of the same tricks as the WannaCry ransomware outbreak of last month, but it is sufficiently different such that it should not be considered WannaCry 2.0.

It spreads through unpatched SMB servers using the so-called EternalBlue exploit, and using EternalRomance for Windows XP machines.

Once it lands on a network machine, it can spread even to machines patched against MS17-010 by stealing the credentials of logged-in users and using PsExec and WMI.

Infection rates are fast. Early analysis by US-based security consultancy TrustedSec found 5000 machines were infected in 10 minutes.

Petya encrypts the first megabyte of dozens of different files, including Microsoft PowerPoint, Word, and various images. Fake system repair notices may be displayed while the ransomware is encrypting data.

Deleting a scheduled task that Petya creates to reboot machines will only prevent the Master File Table from being encrypted. Once a reboot of an infected machine occurs, a ransomware note is then written over the Master Boot Record and displayed demanding payment.
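The spread behaviour described above (PsExec, WMI, a scheduled reboot task) can be hunted for in Windows event data. The following Python is an added example, not part of the original article; the record layout, the sample events, the `shutdown` match and the thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), already parsed into dicts.
# Field names are assumptions; the event IDs are the standard Windows ones:
# 7045 = service installed, 4688 = process created, 4698 = scheduled task created.
SAMPLE_EVENTS = [
    {"time": "2017-06-28T10:00:05", "host": "WS-014", "user": "CORP\\jsmith", "id": 7045, "service": "PSEXESVC"},
    {"time": "2017-06-28T10:00:40", "host": "WS-022", "user": "CORP\\jsmith", "id": 4688,
     "parent": r"C:\Windows\System32\wbem\WmiPrvSE.exe", "image": r"C:\Windows\System32\cmd.exe"},
    {"time": "2017-06-28T10:01:10", "host": "WS-031", "user": "CORP\\jsmith", "id": 7045, "service": "PSEXESVC"},
    {"time": "2017-06-28T10:01:30", "host": "WS-031", "user": "SYSTEM", "id": 4698, "command": "shutdown.exe /r /f"},
    {"time": "2017-06-28T10:02:00", "host": "SRV-002", "user": "CORP\\backup", "id": 7045, "service": "ExampleBackupAgent"},
    {"time": "2017-06-28T14:30:00", "host": "WS-040", "user": "CORP\\admin1", "id": 7045, "service": "PSEXESVC"},
]

def classify(ev):
    """Return an indicator name for one event, or None if it is not of interest."""
    if ev["id"] == 7045 and ev.get("service", "").upper() == "PSEXESVC":
        return "psexec_service"            # PsExec installs this service on the target
    if ev["id"] == 4688 and ev.get("parent", "").lower().endswith("wmiprvse.exe"):
        return "wmi_spawned_process"       # process started remotely through WMI
    if ev["id"] == 4698 and "shutdown" in ev.get("command", "").lower():
        return "reboot_task"               # heuristic assumed for this example
    return None

def find_indicators(events):
    """List (time, host, user, indicator) for every event that matches a rule."""
    return [(ev["time"], ev["host"], ev["user"], kind)
            for ev in events if (kind := classify(ev))]

def fan_out(events, window=timedelta(minutes=10), min_hosts=3):
    """Accounts whose remote-execution indicators reach min_hosts hosts within window."""
    seen = defaultdict(list)
    for ev in events:
        if classify(ev) in ("psexec_service", "wmi_spawned_process"):
            seen[ev["user"]].append((datetime.fromisoformat(ev["time"]), ev["host"]))
    flagged = {}
    for user, hits in seen.items():
        hits.sort()
        for start, _ in hits:
            hosts = {h for t, h in hits if start <= t <= start + window}
            if len(hosts) >= min_hosts:
                flagged[user] = sorted(hosts)
                break
    return flagged

if __name__ == "__main__":
    print(find_indicators(SAMPLE_EVENTS))
    print(fan_out(SAMPLE_EVENTS))
```

A single PSEXESVC install is often legitimate administration, which is why the fan-out check keys on one account reaching several hosts in a short window. Events 4688 and 4698 are only recorded when the corresponding audit policies are enabled.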

Learn more about the security tips we’ve shared during the WannaCry ransomware outbreak and how the Internet of Things might make cyber security more of a concern.


What is a VPN and do I need one?

Small Business

Posted on March 29, 2017

4 min read

The good news is that it’s never been easier to secure your sensitive business information from prying eyes with a Virtual Private Network (VPN). Here’s what you need to know.

A VPN is a powerful and versatile tool that could make it nearly impossible for someone to snoop on your network or track you as you browse the web. This is because a VPN creates an encrypted connection between your device and a server operated by the VPN provider, which accesses the internet on your behalf. This effectively creates a secure tunnel for your online activities to pass through. A VPN also masks your computer’s IP address making it harder for outsiders, including advertisers and your internet service provider (ISP), to track you online.

This is especially useful when you’re accessing public Wi-Fi networks, such as the ones at coffee shops, airports, hotels or onboard airplanes via in-flight Wi-Fi. Performing online activities such as banking, shopping or email on public Wi-Fi networks makes you especially vulnerable to identity and data theft, but a VPN can mitigate the risks by preventing anyone on the same Wi-Fi hotspot from intercepting your web traffic.

A VPN can also securely connect you to your company’s network, even when you’re outside the office. It’s an invaluable tool for working remotely, as you can access the company intranet or email from anywhere with a reliable internet connection, without any additional security risks.

What to look for in a VPN

With more than 800 VPN services out there, choosing just one may seem daunting. But most VPN providers offer a free trial so you can get a feel for how they perform before paying for the service. Most also provide short-term subscriptions of either a week or a month, so you can easily switch from one VPN to another until you find the one that works best for you and your business.

But what should you look for? Firstly, don’t evaluate a VPN solely on price. While most VPN services require payment, there are a few, such as TunnelBear, that offer free VPN services. They are generally limited as far as features, server locations and speeds go, but these might be enough if your needs are fairly basic.

If you are a beginner, it’s best to choose a VPN that’s user-friendly. Top VPN providers such as Private Internet Access (PIA), NordVPN and ExpressVPN, for instance, require next to no set-up – simply download the app onto your computer or mobile device, log in, select the location of the VPN server you’d like to connect to and you’re ready to go. Other providers need you to jump through a few more hoops and manually configure your network settings.

A good rule of thumb for selecting VPN server locations is that, unless you’re looking to access a service not normally available in Australia, then you’re almost always going to want to choose a VPN server located closest to you.

Other important things to look at are reputation, performance, privacy policy, support and extra features – all of which tend to vary wildly between providers. Extra features might include, for example, ad-blocking and the number of devices that can connect at a time.

Pay particular attention to the privacy practices of whichever service you choose. Some VPN providers keep temporary logs of the time and date users connect to their VPN in addition to storing their original IP address, while others like PIA do not log any form of customer data.

Get safe and get a VPN

There are a lot of situations where you will want to keep your VPN connection active, such as whenever you connect to a public Wi-Fi network or an untrusted network that you don’t own or manage. It’s also prudent to use a VPN when handling sensitive business data, which might include sharing company data with colleagues or clients remotely via email or a VOIP service like Skype. Or it could be that you’re doing market research on a competitor and you don’t want your rival to be alerted to you having accessed their company website. And, of course, a VPN is essential if you plan on accessing resources on the company’s network while you’re away from the office.

In an age of sophisticated cybercrime, heightened government surveillance and industrial espionage, a VPN is a fundamental tool that everyone should have at their disposal.

Disclaimer: Information provided on this website is general in nature and does not constitute professional advice.

The article first appeared on Smarter Business.
