The DSD's Cyber Security Operations Centre is tasked with helping address the growing number of cyber threats, such as the hacks on Australian mining giant, Rio Tinto
Despite the recent spotlight on the security risks to local mining companies operating in China, the greatest threat to Australian organisations is corporate espionage, rather than state-sponsored hacking, a security expert has warned.
Speaking to Computerworld Australia, Logica chief security information officer, Ajoy Ghosh, said there were clear economic and business drivers at the heart of the growing attacks on local corporations.
“[Hacking attacks] are happening across all sectors and it’s really about economic aggression,” he said. “If you look at particular sectors and who their global competitors are there is a very clear linkage between those countries and where the [security] problems are coming from.”
This scenario had been born out in the Australian meat trade which in 2006 came under hacking attacks originating from the US and Canada – two nations which have major global competitors to Australian meat companies, Ghosh said.
Part of the reason for the lack of disclosure and referral to authorities on the incident was that, having discovered the attack, the fact of it was used to gain a more favourable trade deal, he said.
“In that particular case they were able to very clearly demonstrate which organisations in the US and Canada were tapping into the Australia companies’ systems and in that particular case the [Australian companies] used that information as leverage in the negotiations,” Ghosh said.
“Our competitors have cottoned on to the fact that any information they can get they can use as leverage in trade negotiations and it is no different from what used to happen in corporate espionage. It’s easier to do if it’s from across the other side of the world. By doing it through cyberspace there is much less chance of the trail leading back to you.”
Ghosh said that disclosure on attacks on companies in industries as diverse as wheat, telecommunications, banking and finance, and manufacturing had been low due to the murky nature of business dealings overseas and Australian laws related to bribery.
“There is a particular law around the bribery of foreign officials, and the problem that an Australian company has is that if it complains about a foreign company hacking into them, then the police of government authority responding will necessarily will have to crawl over the computers of the Australia company,” he said. “It would then be embarrassing if they then stumbled across evidence of the Australian company paying bribes overseas.”
As result, problems with regulators, rather than the potential impact on a company’s brand or reputation, was now the primary reason for organisations not to report hacking attacks, Ghosh said.
Aside from investing in more secure corporate networks and taking precautions for employees travelling overseas, Ghosh advised Australian companies to still report security incidents through channels such as the High Tech Crime Unit of the Australia Federal Police and the Australian CERT.
The comments follow a recent distributed denial of service attack on an Optus' corporate customer, that the telco claimed originated out of China.
In early November 2009, the Australian Security Intelligence Organisation (ASIO) also confirmed that Internet-based attacks have been used by hostile intelligence services to gain confidential Australian Government and business information. Minister for defence, Senator John Faulkner, has also gone on record saying the government has evidence of sophisticated cyber intrusions onto government and private networks in Australia.
The Federal Government has moved to address the growing cyber threats by establishing a Cyber Security Operations Centre (CSOC) operating under thd Defence Signals Directorate (DSD) in Canberra. However, there is little clarity around the capabilities the CSOC has and what legislation it is bound by, with Defence and other authorities consistently refusing to divulge specific details on attacks and the cyber defences of the country.