Computer and Online Cyber Security
Computer Security No 7: The Dark Side of the Web
Corporate Computer Security
If you ever believe that you have experienced a Cyber attack, contact CERT to report the incident (1300 172 499) and the police.
Australia - ACSC report
The first cyber security survey conducted by the Australian Cyber Security Centre (ACSC) in 2015 details the statistics obtained from 149 respondents across 12 industry sectors (including defence, energy, banking, communications, water services, mining, transport, health, retail, government and manufacturing).
Only 10% of respondents were small (20 employees), 23% medium (20-199 employees) and 67% were large (200+ employees).
Only 3% of respondents do not have an IT Security area. This is a significant improvement from 16% in 2013.
77% of respondents have cyber security incident response plans in place with 37% of these regularly reviewing it.
56% of respondents increased expenditure on cyber security in the last 12 months. This is a significant increase from 2013, where only 27% of respondents reported an increase.
82% of industry organisations use external IT security standards or frameworks.
100% of respondents reported using anti-virus software and all but one respondent reported using network based firewalls.
INCIDENTS AND THREATS
50% of respondents have experienced at least one cyber incident in the past year.
Of concern, 8% of respondents were unsure if they had experienced a cyber incident.
92% of respondents that experienced an incident indicated the threat of the cyber security incident/s had been identified in the organisation's risk register. This is more than double the 2013 finding of 39%.
There has been a significant surge in the number of ransomware incidents with four times the number of respondents reporting in 2015 (72%) as compared to 2013 (17%).
Ransomware is the threat of most concern amongst respondents (72%), followed by theft or breach of confidential information (70%) and Advanced Persistent Threats (66%).
The 'trusted insider' was the actor of most concern to respondents (60%), followed by 'issue motivated groups or hacktivists' (55%).
43% of respondents did not report cyber incidents to anyone with the main reason given as 'no benefits of reporting'.
UK Experiences Increased Number of Attacks:
(source: UK government)
The Dark Side of the Web
Dark web is the web content found on darknets, overlay networks which use the public Internet but require specific software and configurations to be accessed.
Deep web is the part of the web that is not indexed by search engines.
Darknets they include peer-to-peer networks, Freenet, I2P and Tor
What the darknets are used for (from a study done by the King’s College London in 2016):
Botnet Operations (closed networks of computers used mainly for spaming)
Illegal Bitcoin Services
- untraceable coins used to purchase guns, drugs, etc. More recently, about 21 Bitcoins ATMs were installed in Australia in Brisbane, Perth, Sydney and Melbourne.
Darknet Markets (illegal drugs, guns, software exploits, etc)
Hacking Groups and Services: mail order services
Hoaxes and Unverified Content
Phishing (attempt to acquire sensitive information like username, password, credit card details, etc) and scams
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© 2011 - 2016 Advisory Boards Group website by aml websites