Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Australia’s critical infrastructure a ‘high-interest’ target, according to first CISC review

State-sponsored hackers and cyber criminals remain a threat to essential systems and public works – and War Thunder, amazingly.

user icon David Hollingworth
Wed, 01 Nov 2023
Australia’s critical infrastructure a ‘high-interest’ target, according to first CISC review
expand image

The Cyber and Infrastructure Security Centre (CISC) released its first Critical Infrastructure Annual Risk Review today (1 November), and it maps out a range of risks to the essential services and industries that make Australia tick.

The challenges of climate change and “heightened geopolitical tensions” rate highly, obviously, along with the risks of foreign involvement in these sectors and the sometimes fragile links in international supply chains. However, the spectre of cyber attacks, espionage, and even insider threats all loom large in the mind of the CISC.

While data breaches have generally been the incidents to make the headlines in the last 18 months, CISC believes that threat actors are also looking to Australia’s critical infrastructure as a means to “obtain valuable sovereign research and gain insights into our social, economic or technological vulnerabilities”.

============
============

The convergence of operational technologies with information technology, and the growing internet of things (IoT), are also seen as risk vectors. Many critical systems in different sectors are now deeply interconnected, allowing for lateral movement between vulnerable networks of both OT environments and corporate networks.

And with more IoT technology, more third parties are introduced into the environment, whose monitoring and data collection habits could pose another risk.

But the risks don’t just come from hackers. The sheer pace of technological change can be both a boon and a source of risk itself, as security teams fail to keep pace with new tools and technologies. Human error and remote access, especially in the work-from-home age, is another source of anxiety.

As to what can be done to mitigate these cyber risks, the CISC points to data analytics and artificial intelligence as two tools that can “greatly improve efficiencies”, according to the report. But with that comes the need to store greater amounts of data, leading to – you guessed it – higher risk again.

The report also outlines some specific cases for specific areas of critical infrastructure. The protection of sensitive data used in large language models is called out specifically in terms of data storage, while the security of patient data and medical research matters for the healthcare sector.

The spread of disinformation and misinformation is also seen as a critical threat. According to CISC, threat actors might target critical infrastructure not so much to damage the infrastructure itself but to undermine public confidence and government trust.

And then, of course, there is the direct threat of espionage and foreign interference. Darknet job ads are a particular worry.

“Dark web job advertisements targeting ‘disgruntled employees’ are being used as a recruitment tool as more and more threat actors acknowledge the value of exploiting insider access,” the report said. For some insiders, just the financial gain is enough to share secrets, while for others, it appears to be revenge – and still probably some financial gain. Some victims may not even know they have been recruited.

“This includes witting insiders who understand what they are doing and why, and unwitting insiders who are manipulated without their knowledge,” the report said. “Malicious actors could also pre-position people to be hired into specific roles.”

And it wouldn’t be a report on the dangers of leaked information to critical assets, so of course, War Thunder gets a mention as a forum where sensitive military data is constantly posted, to the consternation of all concerned.

“Over the last two years, several incidents on private chat forums, such as Discord and War Thunder platforms, have seen classified or sensitive information leaked,” CISC admitted in the report, “in most cases by individuals with insider and often legitimate access to information”.

You can read the full report here.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.