Share this article on:
As Australia continues to suffer at the hands of cyber criminals, the golden ticket has become the need to prevent attacks altogether, to predict and prevent rather than simply react.
Despite this, many organisations are missing a simple but incredibly effective tool from their armoury: intelligence.
The Australian Cyber Security Centre (ACSC) reported a surge in the number of cyber crime reports from 2021 to 2022, with the average financial loss to organisations per report increasing by 14 per cent. This — along with the much-publicised string of attacks affecting major Australian organisations in 2022–23 — prompted organisations to shore up their perimeter defences and redundancy capabilities to avoid, or at least avoid the worst from, an attack. However, prevention isn’t something that can be guaranteed.
Assessing vulnerabilities through tried and tested benchmarks such as the “Essential Eight” lens provides a good starting point for protection against cyber crime. But the reality is access to the tools and data threat actors require to accomplish their goals is not as difficult to attain as it once was. The information is more accessible, widespread, and shared. Given the opportunistic nature of cyber criminals, defence systems need to constantly evolve and become more proactive.
If there is a silver lining to be found, it’s this: the cyber industry is fighting back against growing criminal activity by producing more and more innovative ways to build a defence and minimise the risk of attack.
As we move forward in this ever-changing world, we must develop a greater understanding of what’s happening beyond our defence perimeter to better reinforce it.
There are tried-and-true tactics, techniques, and procedures (TTPs) typically followed by ransomware operators and threat actors. They vary based on the level of experience and skill of the threat actors, and they get better and evolve over time.
Leveraging intelligence to gain a deeper understanding improves organisations’ own overall cyber strategy. The intel can be used to bolster and prioritise defences — for example, if there’s chatter on the dark web about a specific vulnerability, you might want that heads up to see whether you’re exposed.
Having access to intel that illuminates the inner workings of the TTPs threat actors use; where they operate and traffic; how they communicate and interact; and even how they attack each other — not just their victims. It is the only true way to understand the enemy, and cyber crime is an enemy to all.
Understanding the rise
From the COVID-19 pandemic and subsequent restrictions and lockdowns came an increased dependence on the internet that has evolved and persisted to this day. Not just to work remotely but also to facilitate the tasks of everyday life such as banking, shopping, vehicle registration and licence renewals, as well as a means to communicate and connect with our families, friends, and peers.
Alongside the many benefits of that acceleration, the growing digital footprint has drastically expanded our risk profiles and increased the surface areas through which we are vulnerable to attacks.
There is no area of society immune to the devastation caused by borderless and constantly evolving cyber crime. It’s not an exaggeration to say that our very way of life is affected. The foundations upon which we rely to structure our lives are under attack.
While there is a tendency to believe that mostly large organisations, government agencies, and critical infrastructure are targets following the heavily publicised high-profile breaches to major Australian companies, small to medium businesses, families and individuals have been victims of attacks as well. The Australian Competition and Consumer Commission (ACCC) showed Australians lost a record $3.1 billion to scams in 2022.
From university databases, government offices, and services to health and medical organisations, the stakes are high. From identity theft and mail fraud to illicit pharmaceutical trade, circulation of extremist images, and insider threats — the list goes on.
The awareness is there — the cyber headlines detailing the financial, reputational, and personal tolls experienced are prominent. However, despite greater awareness, many organisations’ security posture is basic, perimeter-focused, and in many cases, totally inadequate.
Cyber crime has penetrated all facets of society and every industry in Australia. Therefore, left unchecked or unmatched, it threatens us all and risks our ability to work, live, and learn. The enemy knows plenty about us, so it’s time to return the favour.
Ben Gestier is a senior intelligence analyst APAC/EMEA for risk intelligence firm Flashpoint.