Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: cyber-security

3 cyber security trends to look out for in 2019

Telstra Careers Cyber Security

Posted on November 5, 2018

4 min read

Did you know that at Telstra we have one of the largest teams of cyber security professionals in Australia?

We have more than 500 people working to fiercely protect the data of our customers and organisation. These people protect our extensive network by preventing issues and solving problems when they arise.

That’s why it’s important for us to keep up to date with information security trends to make sure we’re ahead of the curve. One way we do this is by attending industry events, which some of our team recently did when they went along to the OWASP AppSec Day 2018 – Australia’s only conference dedicated to application security.

So what insights did our people get? Here are the top three things:

Security + DevOps = DevSecOps

Yaso Addanki, Senior Security Architect

Increasingly, people are learning that cyber security is something they need to consider in their work. Take DevOps for example, Yaso describes how this area of work is increasingly asking how it can be more secure.

“A significant trend at the conference was the focus on cyber security in the DevOps world and the importance of the need to embed security in the CI / CD (Continuous Integration/Continuous Delivery) pipelines,” she said.

“The security challenges with Docker containers and agile methodology, and how iterative threat models can be used to combat some of the challenges that come with them, was also a major topic.

“Telstra is working proactively here – we’re incorporating DevSecOps practices into development communities across the organisation”

Our team at the OWASP AppSec Day 2018

Code needs to be secured as quickly as it’s written

Stefan Gigliotti, Enhanced Services Trainee, Secure Code

As more and more solutions are being made digitally, cyber security principles need to be applied throughout a project’s life-cycle. Stefan learned other teams are beginning to ask questions about security and data protection which is a very promising sign.

“As a whole, I saw a big emphasis on DevSecOps – enabling organisations to deploy code quickly, and securely in an iterative manner,” he said.

“Telstra’s Cyber Security team is already following this trend, with the recent introduction of a team in Cyber Security called “DevOps Security”, which is focused on how we can deliver security services and capability to DevOps teams.

“One initiative we’ve introduced is the concept of training a ‘security champion’ embedded in each feature team, allowing security to be a shared responsibility.”

“What I learnt was very helpful to my career because I am new to the Secure Code team, and fairly new to the AppSec space. The conference provided me a great platform to start my journey, and thrive in the Secure Code team here at Telstra.”

Cyber Security is everyone’s responsibility

Ben Ellett, Security Technologist-Specialist

Cyber security isn’t just the responsibility of the specialists who work to protect it, it is something we all need to consider. Ben was amazed to learn that this year’s AppSecDay wasn’t just for security specialists.

“One of the biggest surprises at the conference was when the keynote speaker asked the crowd how many people DID NOT work in information security. Approximately 50 per cent of the audience raised their hand,” he said.

“This showed me that cyber security extends past the people who specifically work in this function.

“That’s the case here at Telstra, where the Secure Code team within Cyber Security, works with other developers in the business to establish good secure coding practices.

“In terms of the next step in my career and to keep up with industry trends, I’ll endeavour to learn more about the development stacks that full time software developers use in order to learn the security pros and cons inherent to that software.”

Want to learn what a career at Telstra could look like? Check out our careers website.

How I’m keeping our code secure

Telstra Careers People

Posted on October 29, 2018

3 min read

I started my career in the Australian Defence Force and what I really enjoyed about this time in my life was being able to make a difference to so many people on such a large scale.

I feel like I get to do the same thing here at Telstra.

To be able to work for such a large organisation – the largest telecommunications and technology company in Australia that has an impact on almost every household in this country – is really powerful.

If we get security right for Telstra, we’re actually helping protect Australia’s critical infrastructure and national security interests.

My role at Telstra

I lead a team of specialists within the Cyber Security team and our job is to make sure we secure every line of source code as early as possible, while still enabling the business to move fast.

Another part of our role is to educate our developers, uplift our development teams and put security automation tooling into their hands.

Why? Because at the end of the day, we cannot do security by ourselves. We need the organisation to practice security in collaboration with us and ensure that software is being developed ‘secure by default’.

Our team has a very strong alignment to Telstra’s vision of becoming a world class technology company that empowers people to connect.

This makes our work even more relevant and exciting, as the business really depends on us to make sure we can deliver quality, robust, secure applications to our customers as fast as possible.

It’s challenging work but….

I feel like since I started here, I’ve been able to take my career to a new level as every day is different and full of variety.

The cutting edge work I get to do also means I need to use different parts of my brain – technical, strategic and business.

As the Security Code Manager, I need to use my technical brain for the innovative work we are doing in “shifting security left” and for keeping up with industry trends. I use my strategic brain to deliver capability that that will enable us to scale and to influence security culture within the business, and I use my business brain to make sure the operational demands of the team are managed.

Why my future is at Telstra

Telstra’s leaders have given me so much autonomy to define and create a new team. I can honestly say they’ve been extremely trusting in my decision making and it’s something that has helped me to excel in my role.

The other reason why I see my future at Telstra is that I’ve been able to work from my hometown of Perth, and from my home office whenever I need to. This type of flexibility is amazing and has helped me to balance my life needs.

Having said this, my leaders and colleagues who work on the east coast of Australia make sure I’m always connected to them, so I never feel isolated and always part of the team.

See where a career at Telstra could take you.

Out of the classroom and into the mire: a hacking competition for cyber security students

Cyber Security

Posted on October 9, 2018

3 min read

From left: Khatina Haidari, Mahima Shrestha, Sheryl Mantik – RMIT University

Talk about being thrown in the deep end – it may be years before they toss their academic hats in the air, and yet 427 university and TAFE students have been snatched out of cyber security classrooms and thrown behind computers to find and fight real hackers.

In offices all over the country the students sit in 109 tight-knit teams for 24 continuous hours – each hunched in front of laptops, eyes dancing over reams of computer code in search of hidden security flaws.

They have joined Australia’s latest cyber security outfit, Break Out Box, to help secure local businesses against digital intrusion. Their art is methodical and precise; something as small as a single apostrophe, if missed, could let hackers make off with piles of sensitive data.

Thankfully the gruelling work is a simulation, and part of the annual Cyber Security Challenge Australia hacking competition (CySCA2018) which, starting today, throws students into the very real tests they can expect to face when they leave campus to join the booming cyber security industry.

As a Challenge sponsor, we have built a new technology platform for the 2018 competition to cater for the growing number of players, which has increased by 117 on last year.

“The Challenge is a real representation of what these students can expect to face when defending real businesses,” says Telstra’s APAC Chief Information Security Officer, Berin Lautenbach.

“Students are playing multiple professional security roles, finding security vulnerabilities before bad guys do, and chasing a hacker’s footsteps through code and logs.

“These are some of the skills they will need for a technical career in the cyber security industry”.

From left: Jin Han, Adam Kues, Takuhiro Kikuchi, Ethan Cheng – Melbourne University

The Challenge lives up to its name. Some of the brightest cyber security professionals spent eight months planning the digital mazes students are right now attempting to navigate and conquer.

Each element is a realistic representation of what it will be like to protect a security-focused business where the stakes are high. They must protect the systems of Break Out Box and that of its customers.

However, students that expect the competition to run as an average nine-to-five day-in-the-life of a security professional will be shocked. Plot twists abound that set the Challenge apart from a run-of-the-mill hacker romp.

The Challenge is the brainchild of Telstra, the Federal Government’s Australian Cyber Security Centre and AustCyber, PwC, Cisco, Microsoft, Commonwealth Bank, Splunk, BAE Systems, and HackLabs.

While prizes are on offer, all students win the recognition of the cyber security industry which eyes players for potential recruitment into a wide number of attractive career positions.

The winning team will score flights, accommodation, and entry to the popular DEFCON conference in Las Vegas in August next year.

Those in second place will win flights, accommodation, and entry to the hugely-popular and sold-out Kiwicon hacker confab in Wellington, New Zealand next month.

The third-placed team will head off to the equally popular BSides hacker conference in Canberra next year.

Placeholders will also score a tablet or mobile device for each team member. Other individual prizes are on offer for the competition’s various challenges.

You can stay up to date by following #CySCA2018 or at the Cyber Security Challenge Australia 2018 website.

Finding sophisticated threat actors on a shoestring

Cyber Security

Posted on August 28, 2018

4 min read

Finding well-resourced and sophisticated threat actors doesn’t have to cost the earth thanks to a suite of free and highly-capable tools, a former Pentagon threat expert says.

Defensive security professionals and law enforcement agencies around the world use the tools to passively monitor bad actors operating on the internet.

The free-of-charge toolsets mean cash-strapped security analysts can protect their corporate networks by tracking in detail active sophisticated threat actors, their campaigns, and infrastructure.

These are entirely passive so-called ‘threat hunting’ toolsets, and do not utilise any active defence (hack-back) functionality.

Use of the tools can help security defenders to learn if their organisation’s sector or region is being targeted by bad actor groups. That information can then be used to harden the organisation against the known methods bad actors are using as part of their attacks.

Sophisticated bad actors target a wide range of victims depending on their operational mission and resources, including critical infrastructure, enterprises, to very small businesses.

Targeting depends on the mission and motivation of the group. Bad actors of all stripes will target businesses in a bid to steal intellectual property and customer and financial data, or to hijack infrastructure. Critical infrastructure by contrast is a target of typically politically-motivated actors.

“What would I do if I was a state actor and wanted to target the FBI? You’d say [in a phishing email] ‘here’s the truth of Comey’,” he says.

This victim-targeting can shift rapidly. Martin Hart (not his real name) demonstrated during Telstra’s Defend threat intelligence industry confab in Melbourne how some sophisticated actors pivoted within a matter of days from targeting governments in regional flashpoints to private sector firms for monetary gain.

“Not everyone has a lot of money to spend,” Hart told delegates at Defend.

“These tools will allow you to track bad guys all over the world, even if they are switching infrastructure all the time.

“No one tool will do all that for you.”

Hart, a US-based cyber security consultant, listed free tools including DomainTools; dnstwist; name server monitoring; CertStream; censys.io, and scans.io.

Taken together the tool suite allows security researchers to be alerted rapidly to the creation of homoglyph and masquerading domains (such as g00gle.com imitating google.com) and to understand quickly the shifting priorities of well-resourced adversaries.

Hart ran threat hunting experts through a series of examples of how he and his team had applied the tool suite.

He had set up DomainTools brand monitoring for ‘Comey’ following the dismissal of then FBI director James Comey in May last year.

This free check found dozens of domains including comeyismyhomey, comeyyourfired, and comey2024 established within hours of news of the dismissal.

“What would I do if I was a state actor and wanted to target the FBI? You’d say [in a phishing email] ‘here’s the truth of Comey’ and send it to the FBI – you know how many people would click on that? Lots,” Hart says.

In another example, Hart found the Fancy Bear (APT28) bad actor group had established watering holes and masqueraded domains (evronaval.fr) targeting the Euronaval annual defence conference in France. Threat researchers allege Fancy Bear is a CNE (computer network exploitation) arm of Russian intelligence with previous operations targeting the 2016 Democratic National Committee, the World Anti-Doping Agency, and German Parliament.

Threat hunting using these tools can be noisy, however, as it captures legitimate and malicious actors that establish domains and Facebook sites to attract visitors.

Some 1000 domains are generated each day for the 50 keywords, or brands, Hart monitors.

“We equate this to digging for gold,” Hart says.

He recommends threat hunters enrich their data by using free tools to check netblocks, SSL certificates, registrant information, and IP address data among other data types.

Threat actor hunters intending to crawl through registrant information after May 2018 may face trouble thanks to Europe’s General Data Protection Regulation. The new laws could depending on how it is implemented could see registrars follow GoDaddy’s footsteps and remove bulk searching of WHOIS site registrant data. As yet organisations along with the Internet Corporation for Assigned Names and Numbers have not announced final changes.

“The good news is that registrant alerts are just one technique that we use,” Hart says.

Unearthing Australia’s next elite hackers

Cyber Security

Posted on August 2, 2018

4 min read

In three months’ time, more than 400 cyber security students will fire up their machines and attempt to penetrate the systems of a fictional start-up incubator before the end of 24 hours.

For the first time, those tasked with attacking the company will come face-to-face with a similarly motivated team of defenders working to keep the ‘bad guys’ out.

In its sixth year of operation, the Cyber Security Challenge Australia (CySCA) – a joint effort to nurture the country’s next generation of cyber security professionals – is expecting its biggest participation yet.

The competition has grown steadily since its inception, from 40 students in 2012 to just under 300 last year, and an anticipated 400+ this coming October.

Telstra – one of the program’s sponsors – has built an entirely new technology platform for the 2018 CySCA to handle the growing volume of participants.

The new platform is made up of seven blade servers able to accommodate as many as 24 teams each – four times the capability of the previous platform.

Each team will be given its own set of virtual machines to work on, as well as a VPN endpoint to connect into their game environment from their university or TAFE base. Team environments are kept isolated from each other to prevent any dodgy behaviour from competing teams.

Cyber Security Challenge Australia (CySCA)

The challenge

Racing against the clock, players will work to solve a main challenge as well as a series of puzzles and problems in order to win points. The team with the highest points wins the overall competition.

They will be competing to break into – and defend – the systems of fictional start-up incubator BreakOutBox.

But while the scenario they are working with may be make-believe, the systems and technologies the students will be grappling with are very real.

They will need to demonstrate their ability to break into web applications, networks and systems; exploit vulnerabilities; work with cryptography; and perform network forensics and analysis. Players will need to be familiar with technologies and tools like Linux, Splunk, Wireshark, and Disassembler.

For the first time, students won’t only be playing the role of corporate penetration testers, assessing BreakOutBox’s systems for weaknesses and vulnerabilities by taking on the mindset of an attacker.

They will also adopt the posture of a ‘blue team’ – a posse of internal company defenders who maintain constant vigilance against attack.

The inclusion of a blue team challenge in this year’s CySCA is intended to recreate as much as possible real-world examples of the types of skills participating students will need to demonstrate to get a job in the field.

Cyber Security Challenge Australia (CySCA)

Prizes

The winning teams will score a ticket to three of the biggest global and local IT security conferences.

The team that scoops first place will win flights, accommodation and entry to the popular DEF CON conference in Las Vegas in August 2019.

Flights, accommodation and entry to Kiwicon in Wellington, New Zealand this November are also on offer for the second-place team, while the team that comes in third will win the same for the BSides conference in Canberra 2019.

Each placeholder will also receive a tablet or mobile device for each team member. Other individual prizes are on offer for the competition’s various challenges.

An expression of interest form for universities and TAFEs is now open, and will close on August 17.

Start planning your teams to ensure you get your name in front of Australia’s biggest cyber security employers.

Many of the competition’s past winners have gone on to have careers with the challenge’s sponsors, including Telstra security specialists Lennon Jones and Darian Panter.

This year’s competition will be held over 9-10 October 2018. For more information, visit the Cyber Security Challenge Australia website.

Telstra is sponsoring the Cyber Security Challenge 2018 alongside the Australian Cyber Security Centre, AustCyber, PwC, Cisco, Microsoft, Commonwealth Bank, Splunk, BAE Systems and HackLabs.