Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: cyber-security

STEM themes to inspire teens at this year’s Wired for Wonder

Cyber Security

Posted on November 22, 2019

3 min read

We’re helping to inspire the next generation of creators and change makers to explore new ideas and be curious about their career possibilities ahead. ‘Inspire’ was the theme of this year’s Wired for Wonder learning conference and here’s what you need to know about how we’re exploring new ideas with the next generation.

What do you get when you bring together 230 13-16 year-olds, their teachers, technology experts and thought leaders at our Customer Insight Centre in Sydney? The opportunity to engage these young minds with bold ideas, different ways of thinking and the possibilities of what STEM can offer them.

Together with our partner Commonwealth Bank, the day is part of our ongoing commitment to work with students, schools and higher education partners to inspire future generations and build their curiosity in technology.

Here’s what we learned from this year’s conference.

How to make a career in cyber security

Brendan Hopper, CommBank’s General Manager of Cyber Security & Applied Research Centre, spoke about the need for many more people to study cyber security as the use of AI, machine learning and IoT continues to rise.

Brendan shared that kids can gear themselves towards this kind of career by teaching themselves to continually learn new concepts and techniques.

While students always need to be curious about new methods during their education, they always need to remember the guidelines – never break the law or hack without permission! Instead, use good creative outlets like Bugcrowd to learn on real apps.

The world needs defenders, and Brendan is a true advocate for inspiring the next generation to take up the charge.

Discovering your purpose, unlocking your power

Our Chief Technologist for Strategic Accounts, Fawad Nazir, shared a moving and personal story from his youth: growing up in a middle-class family in Pakistan where being the only son meant that expectations on him to ‘succeed’ were high.

Under the weight of these expectations, however, Fawad found that he struggled to succeed in the way his family asked of him. At school especially he struggled, adding that he was “merely surviving”.

Fawad ultimately discovered that being comfort with being uncomfortable can unlock real change in your approach to life. Watch his talk above to see how he combines his purpose with his belief to yield unstoppable power.

Saving our oceans, three pieces at a time

Tim Silverwood, co-founder and CEO of Take 3 for the Sea explained how his organisation has built a movement to save our oceans.

Our oceans cover 71 per cent of the Earth’s surface and contain 97 per cent of the Earth’s water. But every minute a garbage truck full of plastic ends up in the ocean – equating to 8 million tonnes of plastic each year. Yet there’s a simple way we can all contribute to help fix the problem.

Tim’s organisation, Take 3 for the Sea, inspires participation in simple actions – if each person removes three pieces of waste or plastic from every beach, park or public space they visit they’ll greatly reduce the amount of waste ending up in our oceans.

Tim demonstrated that anyone can be a change maker, even when the problem is as big as an ocean. Small impacts can make a big impact when multiplied.

To learn more about Wired for Wonder, and see videos from previous years, head to their website.

Businesses warned to defend against evolving cyber threat

Cyber Security Consumer

Posted on October 28, 2019

2 min read

The Australian government is warning businesses to harden their cyber security controls in the wake of the evolving Emotet malware.

Emotet exposes infected computers to a host of attacks including ransomware and data theft, and can spread to a victim’s friends and contacts using their email account.

The Australian Cyber Security Centre (ACSC) says it knows of dozens of victims the malware has claimed in recent weeks, including critical infrastructure providers and government agencies.

This victim count is small relative to the hundreds of victims claimed by conventional phishing cyberattacks over the same time, but could rise if Emotet’s popularity rebounds to former levels.

The malware’s most popular feature – raiding a victim’s bank accounts – meant that it was used in 75 percent of banking crime campaigns in the last year.

Emotet spreads through phishing emails. The contents of these vary, but researchers have seen often poorly written emails requesting readers open Word documents that request the macro feature be activated in Microsoft Office.

There is little preventing Emotet’s phishing emails, and those linked to other cyber attacks, from being convincing and fluent.

“Emotet malware is spread when unsuspecting email users click on links or open files containing malicious code,” the ACSC warned. “This campaign uses targeted and untargeted phishing emails to spread the virus.”

Recent versions of Microsoft Word warn users of the threat of activating macros. Macros, an automation feature, are a decades-old favourite for delivering malware, and continue to be so in the face of Microsoft’s much-improved technical and user defences.

Emotet, like most cyberattacks, is best fought through the rapid application of software updates (patching), and use of current operating systems like Windows 10 which contains significant defences and in-built antivirus.

Organisations of all sizes should ensure they are creating regular backups as a priority and confirm they have business continuity plans in place, and review the Australian Signals Directorate’s Essential Eight security controls to limit the impact of cyber security incidents.

We’re hosting a Hackathon with the Australian Federal Police

Cyber Security

Posted on October 11, 2019

2 min read

We want to use our world class skills to help find missing people in Australia.

Police here receive reports of more than 38,000 missing persons every year. While most are found within a short period of time, approximately 2,600 remain long-term missing persons.

We’ve joined forces with the Australian Federal Police and AustCyber Canberra Innovation Node to see if our cyber security team can help, using their world-class skills.

As part of Cyber Week 2019, the Telstra office foyer in Canberra has been taken over for an Australian-first hackathon. 354 ethical hackers, including members of our very own Open Source Intelligence (OSINT) team, will be using their cyber skills to find information on 12 national missing people, identified by AFP’s National Missing Persons Coordination Centre.

Searching and analysing publicly available information, the ultimate goal is to solve a missing persons case.

We are hosting the main site, but official hacking locations have also been set up in Sydney, Brisbane, Gold Coast, Sunshine Coast, Darwin, Adelaide, Melbourne and Perth.

It’s the first-time simultaneous events like this have been run across an entire country. We want to use the incredible skills of our OSINT experts and apply it to a real-life challenge that can deliver very tangible results for families. Hopefully, we’ll see some actionable leads found, which will be handed to the AFP and National Missing Persons Coordination Centre to follow up.

It really is a great opportunity for Telstra to demonstrate our world-class security talent and strengthen our partnership with the AFP, AustCyber and the cyber security community in Australia.

Cyber security capabilities are a core part of our vision for Telstra’s future, and our people are excited to take part because they could help change someone’s life.

We are proud to use our technical capabilities and cyber security expertise to help make an innovative event like this possible.

A solution to reduce scam calls across Australia

Cyber Security Consumer

Posted on September 16, 2019

5 min read

Getting suspicious calls on your mobile from faraway countries or long-lost relations is nothing new – everyone is aware of phone scams. We believe there’s more that our industry can do to reduce the number of scam calls in Australia, and we know that a fix is well overdue.

Scam calls are frustrating, particularly to those who may fall prey to one or more of the scams currently in circulation. What might just seem like an annoying phone call for you can turn into money for scammers, too – whether it is through convincing you to share personal information that can then be used for fraud, or by engineering a call to a premium number that charges high rates.

A technology and industry solution

There are some things that telcos can do to reduce the number of scam calls that reach our customers. We don’t let our customers in Australia use fake numbers, for example, which makes it very difficult for scammers to operate from Australia. We also block calls using numbers that are known to be used for scam calling.  As an example of how prevalent scam is – we block millions of scam calls from reaching our customers each month.

We are also working hard with other carriers, and liaising closely with the ACMA and the ACCC, to better identify the sources of scam calls that still get through and then take appropriate action to disrupt and prevent those sources from scamming in future.

However, we cannot fix this on our own. We need all telcos, big and small, to work together to help identify the source of scams to resolve this situation and make Australia safer for everyone.

We are calling on all telcos to help our industry stop scam calls reaching our customers and proposing ways we can work together to fight this issue. If we can get this fixed, we’ll be able to significantly reduce the more than $500m Australians are expected to lose to scam this year.

Education to assist our customers

Until we have reached a consensus and implemented a solution, our customers can take steps to protect themselves in the interim. Everyone should understand how scams work so that they can understand when to hang up and not to call back.

There are three main phone scams currently popular around the world.

Getting you to call them back: Here, the scammer will call your mobile phone, making it look like the call has come from another country. Often the phone rings once or twice and then hangs up. In this scenario, particularly prevalent at the moment, if you do call the number back you’ll be placed on hold or play a recording. What you don’t know is that you’re calling a premium number which costs you a lot of money – and the profits go directly to the scammers. 

Getting your details: These scams are simply about trying to get access to your personal details. Scammers might call and claim to be from a major company (like Telstra) or government department (like the ATO) seeking to provide you with information. Before they can do that, they’ll ask you to complete an identity verification process by providing your personal information. They’ll use this information to try and access your bank account or online services to steal your money.

Variations of this scam include calls saying your computer has a virus and asking you to provide access so they can remove it. The scammer will then download your personal data or implant a virus that will collect data they can use at a later date to access your money or identity.

Getting you to pay for services: These scams are about convincing you that you owe a company money and that you must pay immediately. Often, the scammer will claim to be from a major utility or telecommunication company – scammers know the chances are high that you’ll get a call relating to a company where you have some services. Callers often talk in an aggressive manner or with a sense of urgency, or they may threaten to cut off your services, so you panic and pay immediately.

We know that education is only part of the battle because it is often our most vulnerable customers who are preyed upon by scammers. That’s why, in addition to operating our misuse of service and cyber scam reporting services, we’re calling on all of Australia’s telecommunications industry and its partner organisations to work together to find an effective technology solution to scam calls.

The opportunity for all telcos here is to set the bar high for what we do with our customers to make sure we never miss a heartbeat and no customer ever gets left behind.

From intern to Pen Testing lead – meet Ben

People

Posted on June 24, 2019

3 min read

Ben Tudor has been part of the Telstra team for nearly seven years. He started in our Summer Vacation Program, before landing a place in our Telstra Graduate Program. He’s now our Penetration Testing – Senior Lead, which sits in our Cyber Security team, and he looks after a team of highly skilled Penetration Testers.

I caught up with Ben to find out about his career, the innovative projects he’s currently working on and the opportunities available to Pen Testers here at Telstra.

Can you tell us about your role and what your team does?

I lead a team of highly skilled Penetration Testers – effectively, ethical hackers. Ultimately, we are responsible for assessing applications and products that are both sold and developed by Telstra, ensuring that they meet both our security requirements and protect our customer data.

How has your career evolved at Telstra?

I started at Telstra as a Summer Vacation student in our Mobiles space. Following that, I worked as a Graduate within our Mobiles Engineering teams, before moving into the Cyber Security team. Since then, I’ve been involved in Penetration Testing, both performing assessments, and more recently leading the team.

Are you able to give us an insight into any innovative projects you’re currently working on?

The sheer volume of work that we perform across the business means that we always have the opportunity to investigate and assess new and innovative products.

A key focus area at the moment is the movement towards Internet of Things (IoT) – and the development of new assessment methodologies to meet this growing area. Other developing areas include 5G, software defined networks and big data products.

What does a career path in Pen Testing look like at Telstra? 

Due to the size and scope of our team there are endless opportunities to develop yourself. From new graduates starting their journey, to our senior Penetration Testers with over 20 years’ experience, every day brings a new challenge, allowing our team to build up skills across multiple domains.

Additionally, because of the size and scope of our wider Cyber Security team, there are opportunities to develop into other areas of cyber security, giving you the ability to look at other domains that you wouldn’t necessarily be able to elsewhere.

Why do you enjoy working at Telstra? (And why should someone join our team?)

Telstra is incredibly flexible – in our team, we are lucky enough to have people across multiple states and locations, including a number of people who work in remote locations. The sheer size of Telstra also means that the opportunities are endless and that the opportunity to build your career across multiple domains and areas of the business is incredibly valuable.

Applications for this year’s Summer Vacation Program are opening soon. Find out more.