Australian companies under ‘constant’ cyber attack, says security company Crowdstrike

Posted July 16, 2017 06:01:02

Fancy Bear, Deep Panda and Charming Kitten are faces of cyber warfare.

The characters were created by cybersecurity company Crowdstrike to represent the so-called “threat actors” roaming the internet.

“These are the actors who we see in Australia,” Crowdstrike co-founder Dmitri Alperovitch says, scrolling through pages of threatening-looking cartoon faces.

“You can see here these are criminal groups that we call spiders.

“These are Chinese groups that we call pandas, and this is an Indian actor that we call Tiger. Bear is Russian Government and jackals are hacktivist groups.”

Russian born and educated, Mr Alperovitch, who is now based in the US, was last year named one of Politico’s top 50 political thinkers.

He and Crowdstrike identified Russian hackers as the culprits behind the attack on the Democratic National Committee, which triggered continuing suspicion about Russian meddling in the US election.

“That’s something we’ll probably see a lot more of going forward because the reality is it’s very cheap to do,” he says.

“A lot of these campaigns are not sophisticated when it comes to cybersecurity, so we certainly expect that nation states, as they’re thinking about which campaigns they want to help, will engage in these types of operations going forward.”

Theft of cyber weapons poses new threat to Australia

Crowdstrike is one of the companies that protects government and business from cyber attacks.

It has recently undergone a $100 million finance round, attracting investors like Telstra, which has put between $US5 million and $US10 million into the company.

It is a reflection of the risks to Australian corporates and institutions.

Right now there is also a new threat, after the theft of cyber weapons from America’s National Security Agency (NSA) that are being turned against business and government.

“I think as a great ally of the United States you are vulnerable because organisations out there that want to do us harm may target our allies to sow discord or show that they can hit at someone without hitting necessarily at the United States,” Mr Alperovitch says.

“We protect a lot of companies in Australia, and I can tell you they’re coming under constant attack from both nation states and criminal groups.”

The data was stolen or leaked from the NSA last year.

It has since been weaponised in two large-scale cyber attacks centred in Europe, but affecting companies and government institutions from London to California to Tasmania’s Cadbury factory.

The most recent attack began at an accounting software firm in Ukraine and then wormed its way into systems around the world.

The basis for the worm was an NSA weapon called Eternal Blue.

US taking precautions but Russian agency caught up

Former chief of staff at the US Department of Homeland Security under US president Barack Obama, Paul Rosen, is a corporate lawyer with years of expertise helping protect Americans from cyber threats.

That protection extends to consultations with allies.

“I saw the United States Government taking a number of steps to protect its own networks but also work with companies in the United States and around the world,” he says.

“Increasingly we are working with our alliances, like our Five Eye alliance and our partners in Australia and elsewhere, because one of the things that is evident when it comes to cybersecurity is that we’re all in this together.”

The US Government is taking steps in the wake of the NSA leak, the global cyber attacks and the suspicions over Russian election interference.

Russian cybersecurity outfit Kaspersky has just been removed from a list of US Government-approved vendors due to concerns its products could be used by the Kremlin to invade systems.

Kaspersky has reacted furiously, saying it has become a pawn in a geopolitical game.

Meanwhile the FBI and Homeland Security have issued warnings to energy companies after suspected Russian hackers were discovered prodding vulnerabilities in the systems of nuclear power facilities.

“I think when you look at the likelihood of a nation state launching an attack it comes down to the question of A, what is the target doing to defend itself, and so I’m sure that countries like Australia and the United States are taking tremendous steps to prevent attacks like those from occurring,” Mr Rosen says.

“But there’s also a diplomatic channel that’s important, and making clear that such attacks on nation states will not be tolerated by the government.”

Topics:computers-and-technology, information-technology, defence-and-national-security, internet-technology, hacking, australia, united-states


Article by channel:

Read more articles tagged: Hacking