Cybersecurity Threats Challenges Opportunities - November 2016 - ACS
“It is only when they go wrong that machines remind you how powerful they are.”
Clive James

Cybersecurity – Threats Challenges Opportunities
Contents

01
Foreword
Executive summary

02 A brave new world
Cyber speak!
What is cybersecurity?
And the weakest link is…
A world without cybersecurity

03 Threats in the information age
The nature of threats
The Internet of Things (IoT)
Botnet armies
When security is an afterthought
Autonomous systems
Driverless cars and transport
ATMs and Point of Sale
What about wearables?
Cyberwarfare
Automated attacks
Energetic Bear
Cyberattacks on infrastructure
When software kills
Data manipulation
Backdoors and espionage
Cloud concerns
Blast from the past
Virtualised threats
Industry and the individual
Ransomware and Cryptoware
Multi-vector attacks
Identity theft
The world we live in

04 The future in our hands
The 100% secure computer
Opportunities
The data-driven economy
Technology as wealth creation
Cybersecurity as job growth
Leveraging technology talent
Challenges
Leadership
Learning from history
Collaboration
Education and awareness
You are what you do
Legal and regulatory
Services and privacy
Perception and practicality

05 Looking to the road ahead
State of the nation
What role can you play?
Government
Education and research
Business and industry
You, the individual
The five pillars of cybersecurity readiness
Online resources
Through the looking glass
Fast facts
Glossary
References
Foreword

You’ve seen documents like this pass your desk before, but we hope this one is a little different. You can gloss over it, seeking the diamonds in the rough, but take the time to delve into the information presented here and you will walk away with a different appreciation of the laptop on your desk, the car that you drive, and the phone that you carry.

Not to mention the planes you fly, the banks that hold your money, the hospitals that keep you alive and the very infrastructure that makes our cities run. In short: the basis of our modern lives.

It can be hard to not overuse a word that’s become popular thanks to public awareness, but ‘cyber’ is now firmly entrenched in our language and our mindset, by virtue of the fact that our society today depends so much on technology.

So we’re going to talk about cyber with respect to security, as the two are intimately intertwined. In this guide we aim to break down what is sometimes a large and complex issue into an easy to read and digestible summary that should – if we’ve done our job well – give you the tools to both talk confidently about the issues, as well as equip you with the core information required to make decisions around cybersecurity.

Because, despite the technical nomenclature, the issue of cybersecurity is as vital to our way of life as technology itself. In fact, they can’t be separated: our economic health, our national security, and indeed the fabric of our society is now defined by the technology we depend on every day.

What’s left unsaid here, however, is the assumption that this technology will continue to work as we intend – but this is only true if we can protect it from being hacked, manipulated, and controlled.

Logically, then, protecting that upon which we depend should be front of mind for government, business and industry, academia and every individual with a smartphone in their pocket.

Which is to say, all of us.

If you are part of government, this primer serves as a guide to the greater sphere of cybersecurity and how it relates to our national security, our national interest, and our economic prosperity.

If you are an executive, board member, business leader, or IT professional this is an opportunity to verse yourself in the language and the ecosystem, the threats and the opportunities, and to better communicate the issues and responsibilities around cybersecurity within your organisation.

And if you are simply an individual interested in understanding more about the nature of our digitally-driven world, this guide will provide the basics and a clear overview of how cybersecurity relates to you.

At the ACS we welcome every opportunity to educate and assist. If you have any questions, or would like more information, please feel free to contact me at: anthony.wong@acs.org.au.

Enjoy this guide. We hope it will make a difference to you.

Anthony Wong
President, ACS
SECURING AUSTRALIA’S FUTURE

At ACS we are passionate about the ICT profession being recognised as a driver of productivity, innovation and business – able to deliver real, tangible outcomes.

This year ACS celebrates 50 years of advancing ICT in Australia. Our founders and pioneers worked on the first innovative computers in government, academia and industry, and our members now work at the coalface of technology development across every industry.

In 2011, ACS brought together its own Cyber Taskforce from our 23,000 members to respond to the Federal Government’s new cyber discussion paper, ‘Connecting with Confidence’, where we highlighted the need to develop co-ordination and a focus on the pipeline of cyber professionals.

To play our part in securing Australia’s future, we continue to perform the role of trusted advisor to government, and deliver services to identify and certify ICT professionals you can trust, including through the Professional Standards Scheme that assures professionals have the specialist skills business can rely upon.

ACS is part of the global federation of professional ICT societies, the International Federation for Information Processing (IFIP), and the first professional body to receive accreditation under the International Professional Practice Partnership (IP3) – providing a platform for accreditation for ICT professionals and mutual recognition across international boundaries. The ACS currently chairs IP3 and plays a leading role in the professionalism of the ICT workforce.

IP3 has since gained global attention after successful engagements at the World Summit on the Information Society (WSIS) Forum in Geneva and the United Nations in New York, where the importance of ICT professionalism was acknowledged by the UN General Assembly President in 2015.

In May 2016 the President of IFIP participated in the European Foresight Cyber Security Meeting where he advocated that professionalism of the ICT workforce is “a key element in building trustworthy and reliable systems” and that it is important to ensure that “cyber security and cyber resilience is also a duty of care of the individual ICT professional”.

As we move forward another 50 years, ACS will be there at the forefront meeting the challenges and opportunities of ICT, and supporting the growth and potential of ICT professionals in Australia.
Executive summary

As technology continues to evolve so also do the opportunities and challenges it provides. We are at a crossroads as we move from a society already entwined with the internet to the coming age of automation, Big Data, and the Internet of Things (IoT).

But as a society that runs largely on technology, we are also as a result dependent on it. And just as technology brings ever greater benefits, it also brings ever greater threats: by the very nature of the opportunities it presents it becomes a focal point for cybercrime, industrial espionage, and cyberattacks. Therefore, protecting it is of paramount priority.

This guide looks at some of the concerns facing us in the near future that include:

• Attack vectors such as botnets, autonomous cars and ransomware.
• Threats including data manipulation, identity theft, and cyberwarfare.
• Tangential issues such as data sovereignty, digital trails, and leveraging technology talent.

Additionally, it provides some background to the nature of digital ecosystems and the fundamentals of cybersecurity.

Critically, this document clarifies the importance for Australia to take responsibility for its own cybersecurity, especially with regards to essential infrastructure and governance.

On the flip side – and as one of the fastest growth industries globally – developing our own cybersecurity industry is also an opportunity for economic growth, job creation, and education – ensuring Australia is well positioned for a future as a digitally advanced nation.

Finally, we look at some of the challenges that countries worldwide are currently dealing with in regards to cybersecurity, including:

• The need for more collaboration in order to mitigate threats.
• Education and awareness; and
• The balance between privacy and security.

Our aim is that this document provides an informative primer on the relevant issues facing Australia in relation to cybersecurity, to generate discussion and debate, and to raise awareness with regards to a fundamental building block of the technologically-dependent society which we have already become.

As you will read in the following pages, cybersecurity is not optional. It must form part of the design of every product, of every database, of every electronic communication. And – through education, awareness, and proactive change – we can all play a part in securing our future.
A brave new world

You’re reading this document written with, laid out by, and printed using computers. From start to finish it existed as 0s and 1s – the binary blood of our modern world. In fact, our lives today are codified by data: almost everything we do, and everything we depend on, involves data and the technology that uses it – there are scant few areas not touched by this revolution we call the information age.
CYBER SPEAK!

Every industry has its own lexicon, and the cyber world is no different. While built on technological foundations that we all know – computers, the internet, smartphones, and similar – as you delve deeper into the subject you start to encounter acronyms and technical concepts that you may not be familiar with. And, if we’re all to communicate on the subject of cybersecurity – across all sectors of government, business, industry, and academia – then it can help to familiarise yourself with the nomenclature associated with this diverse and compelling subject. To this end we’ve included a Glossary on page 57. Feel free to flick back and forth as you read to ensure you get the most out of this document, spending more time expanding your knowledge and less time scratching your head!

And so it follows that in order to keep our way of life – and to continue to prosper through technology – we must ensure that it always operates and works for us as intended.

And for the most part it does, until it’s hacked. In the hands of less than favourable individuals, organisations, and governments, technology and the data it depends on can be turned against us.

When you read yet another report of a multimillion-dollar bank theft, yet another million usernames and passwords leaked on the web, or yet another scam milking millions from vulnerable people – what you are reading about is the lack of cybersecurity: a failure to protect systems, processes, or data and thereby enabling exploitation.

Sometimes the end result is just an embarrassment for a company or individual; at other times it can cause significant financial or operational harm. At its worst, loss of life can be a result.

Cybersecurity, then, is not optional. As our world transitions more products and services online, and we in turn depend on them, protecting this technological infrastructure has become a fundamental building block for information systems globally. It must underpin every technology, every gadget, every application, and anywhere data is stored.

To help understand the risks, this document will explore the threats Australia faces in this digital age: to our economy, our sovereignty, and ultimately, our way of life.

It will also cover the opportunities as a burgeoning industry – one that is projected to be worth $US639 billion [1] globally in the next seven years alone – and the possibility for Australia to establish itself as a leader, pioneering new technologies and exporting cybersecurity products to the rest of the world.

We are more than just the lucky country. We are early adopters. We are tenacious innovators. We are a nation with the skills and talent to lead the world in cybersecurity – and with the right mix of leadership and commitment from government, industry, and academia, we can make it happen.

What part will you play?
What is cybersecurity?

46% OF THE WORLD’S POPULATION IS CONNECTED TO THE INTERNET

As with any technological advance throughout history, whenever new opportunities are created, there will always be those that exploit them for their own gain.

Despite the threat of viruses and malware almost since the dawn of computing, awareness of the security and sanctity of data with computer systems didn’t gain traction until the explosive growth of the internet, whereby the exposure of so many machines on the web provided a veritable playground for hackers to test their skills – bringing down websites, stealing data, or committing fraud. It’s something we now call cybercrime.

Since then, and with internet penetration globally at an estimated 3.4 billion users (approximately 46% of the world’s population [2]), the opportunities for cybercrime have ballooned exponentially.

Combating this is a multi-disciplinary affair that spans hardware and software through to policy and people – all of it aimed at both preventing cybercrime occurring in the first place, or minimising its impact when it does. This is the practice of cybersecurity.

There is no silver bullet, however; cybersecurity is a constantly evolving, constantly active process just like the threats it aims to prevent.

What happens when security fails? While what frequently makes the news are breaches of user accounts and the publication of names and passwords – the type that the Ashley Madison hack publicly exemplified – it’s often financial gain, or the theft of critical business or government intelligence, that drives the cyber underworld.

One fact remains clear: it’s only going to increase. As we integrate technology further into our lives, the opportunities for abuse grow. So too, then, must the defences we employ to stop them through the education and practice of cybersecurity.

“The increasing prevalence and severity of malicious cyber-enabled activities… constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the United States. I hereby declare a national emergency to deal with this threat.”
Barack Obama, President of the United States, 2015 [3]

[Figure: THREAT VECTORS BY INDUSTRY. The vectors by which industries are compromised. Vector categories shown: web applications, crimeware, point of sale, miscellaneous, privilege misuse, cyber espionage. Source: Verizon 2015 Data Breach Investigations Report]
EASY HACKS, EASY BREACHES
Source: Verizon 2016 Data Breach Investigations Report

• Last to know: more than 90% of breaches are discovered by external parties.
• What’s the password? 63% of breaches are caused by weak, default, or stolen passwords.

TOP 10 ESPIONAGE TARGETED INDUSTRIES
The most targeted industries in 2015. Source: Verizon 2015 Data Breach Investigations Report

MANUFACTURING 27.4%
PUBLIC 20.2%
PROFESSIONAL 13.3%
INFORMATION 6.2%
UTILITIES 3.9%
TRANSPORTATION 1.8%
EDUCATIONAL 1.7%
REAL ESTATE 1.3%
FINANCIAL SERVICES 0.8%
HEALTHCARE 0.7%

AND THE WEAKEST LINK IS…

Humans are inherently complex and multi-faceted creatures with our own agendas, influences, faults, beliefs, and priorities.

Sometimes we’re also simply just too trusting.

Even the most hardened system can be breached through social engineering – the ‘hacking’ of people. No amount of secure network topologies and firewalls or security software can withstand a user innocently clicking on an email link, or being convinced to give up login details over the phone by someone pretending to be from the IT department.

In fact a recent study by researchers at the Friedrich-Alexander University of Erlangen-Nuremberg, Germany, revealed that just over 50% of people click on links in emails from strangers, even when they were aware of the risks. [4]

And so, as a result, cybersecurity isn’t just about technological defences: it’s also about people. From the home user through to industry and government, everyone needs a basic understanding of cyberthreats and how to recognise them – something which comes under the umbrella of digital literacy.
A world without cybersecurity

One of the most damaging targets for a society embroiled in cyberwarfare is infrastructure. Our reliance on automation focuses single points of failure that can have dramatic consequences if directed at power stations, communication networks, transport and other utilities.

By way of example, and to draw from the emerging technology of driverless cars gaining popularity now, is the following example of what might happen if we continue to create products and services without cybersecurity in mind:

Thirty years from now our society runs on automated cars, buses and trains. Planes still require human authority – for now – and drones line the sky. On the one hand, this advance in technology has brought much greater efficiency: traffic jams eliminated, pollution lowered, cheaper cost of transport and more. It’s a golden age.

Then a cyberattack compromises the central network. The systems that co-ordinate all transport shut down, bringing the city of Sydney – now 7 million people – to an abrupt halt. No cars, no buses, no trains. Workers can’t get to and from work, and productivity stops. Life-saving medicine doesn’t arrive and people die. Essential services begin to fail, and chaos ensues. The economic and social fallout is immense: a city held hostage by an external force – be it terrorist, criminal, or foreign power. Australia invaded without the invader ever stepping on our shores.

It’s a stark example, but it demonstrates the Achilles heel of the inter-connected society that we are heading for right now, and the reason cybersecurity must be part of all technology from the outset.

Consider this: the internet has enabled entirely new business models that have already shaped our planet. But the Googles and Facebooks and Amazons of this world are not the most profitable organisations that conduct business over the internet today – that crown belongs to cybercrime. It speaks volumes that the most lucrative business on the internet today is fraud. [9]

SIMPLE MISTAKES, COSTLY LOSSES
Source: Verizon 2016 Data Breach Investigations Report

• In 93% of cases hackers took just minutes to breach, while companies took weeks or months to discover.
• Show me the money: 95% of web attacks are financially motivated.
• Employee mistakes: lost assets 100x times more prevalent than theft.
• Nearly 30% open phishing emails; 12% do click the link or open attached files.
“Q2 2015 saw one of the highest packet rate attacks recorded... which peaked at 214 million packets per second (Mpps). That volume is capable of taking out Tier 1 routers, such as those used by Internet service providers (ISPs).”
Akamai, State of the Internet Q2 2015 Report [10]

TOP 10 SOURCE COUNTRIES FOR DDOS ATTACKS, Q2 2015
Top sources of mitigated DDoS attacks on Akamai’s network. Source: Akamai State of the Internet Report, Q2 2015

CHINA 37.01%
US 17.88%
UK 10.21%
INDIA 7.43%
SPAIN 6.03%
KOREA 4.53%
RUSSIAN FEDERATION 4.45%
GERMANY 4.29%
AUSTRALIA 4.18%
TAIWAN 4.0%
Threats in the information age

“Every minute, we are seeing about half a million attack attempts that are happening in cyberspace.”
Derek Manky, Fortinet Global Security Strategist [5]
500,000 ATTACKS AGAINST FORTINET EVERY MINUTE

To understand just how technology becomes vulnerable to cybercrime, it helps to first understand the nature of threats and how they exploit technological systems.

You might first ask why technology is vulnerable at all, and the answer is simple: trust. From its inception, the protocols that drive the Internet, by and large, were not designed for a future that involved exploitation – there was little expectation at its birth that we might need to one day mitigate against attacks such as a distributed denial of service (DDoS), or that a webcam you buy off the shelf might need security protocols to prevent it being hacked and used to spy on you.

There is much greater awareness today, but even so you can still buy devices that connect to the internet that have poor security measures or no security at all built-in, because up until recently this simply wasn’t part of the design scope. In many cases, the idea that a device might be used for nefarious purposes isn’t even considered.

And the result is that today cybercrime almost exclusively leverages the lack of security-focused design in everything from your smartphone and web browser through to your credit card and even the electronic systems in your car.

The nature of threats

Cybercrime comes in a variety of forms ranging from denial of service attacks on websites through to theft, blackmail, extortion, manipulation, and destruction. The tools are many and varied, and can include malware, ransomware, spyware, social engineering, and even alterations to physical devices (for example, ATM skimmers).

It’s no surprise then that the sheer scope of possible attacks is vast, a problem compounded by what’s known as the attack surface: the size of the vulnerability presented by hardware and software. That is, if a hacking exploit works on Apple iPhones for example, and everyone in your organisation has one, then by definition the attack surface could range in the dozens to the thousands depending on the size of your company. Or, looking at it another way, if anyone with an iPhone is vulnerable, the attack surface worldwide totals in the hundreds of millions.

This is further compounded by the fact that hardware and software may provide multiple vectors for attacks, such that – and using the above example again – an iPhone might have multiple different vulnerabilities, each of them a possibility for exploitation. In some cases, multiple exploits can be used in tandem to hack a device, as the FBI recently demonstrated when it gained access to the San Bernardino shooter’s iPhone (yes, the good guys can hack you, too…)
And this is to say nothing of embedded systems, the type of which power our infrastructure including transport, electricity, and communications. Here, attacks are often more targeted – even down to the specific systems in a particular plant – but the repercussions are also considerably more dangerous. Shutting down an electrical grid, for example, can have life-threatening consequences.

What you also don’t see – because it’s hidden in the millions of fibre-optic networks and routers that form the internet – is that attacks are happening constantly all around the world, even as you read this. Your modem at home that gives you access to the internet is constantly fending off queries to see if your IP address has any open ports (the virtual addresses that allow software to communicate to and from your computers and network).

According to network security and services company Fortinet, 500,000 attacks occur against its networks every minute [5]. And that’s just one service provider.

The bottom line is this: almost anything controllable by technology will have a weak spot. In the past year we’ve seen everything from cars (“Hackers remotely kill jeep on highway” [6]) to medical devices (“Hackers can send fatal dose to drug pumps” [7]) to toys (“Hackers hijack Hello Barbie Wi-Fi to spy on children” [8]) succumb to anyone with a little knowledge, time, and opportunity.

To appreciate the scope of the challenge that lies ahead – the new types of threats that we are starting to see emerge now – and thus the importance of cybersecurity for the government, industry, and the individual, the following section delves into our predictions of where cybercrime is heading, and the type of attacks we can expect to see.

“There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter. In some cases attackers don’t even have to deliver on their threats. Researchers from CloudFlare reported that an extortion group earned $100,000 without ever launching a single DDoS attack.”
Lucien Constantin, Network World, 2016 [28]
The Internet of Things (IoT)

Perhaps the most recognised buzzword of the moment, the Internet of Things (IoT) encompasses the many and varied devices currently on the market, or soon to be on the market, that will connect to and stay connected to the internet 24/7.

Typically this includes products like webcams, smart TVs, and even the much touted internet-connected fridges. But IoT actually encompasses a broad range of products most of which you won’t actually see – electronics, sensors, actuators and software soon to be built into everything from your car to your home: technology to unlock your door and turn on the lights when you arrive home; technology to allow cars to talk to other cars and traffic lights to prevent accidents; technology to let entire cities regulate air-quality, manage energy distribution, and regulate water supply all in real-time from thousands of buildings, each with thousands of sensors, all communicating through a city-wide network.

Sound like fantasy? There is already a development in the UK by River Clyde Homes and the Hypercat Consortium to build a Smart Neighbourhood in Scotland by installing hundreds of IoT devices to monitor everything from temperature and local weather through to carbon monoxide levels, potential gas leaks, lift maintenance, smoke detection and communal lighting to name a few. All of these talk to each other to provide an overall real-time knowledge base for the operating of neighbourhood services, and to minimise health and safety risks.

But this is just the beginning. IoT has the potential to encompass a lot more – heart monitoring implants, pathogen monitoring for food, transponders for animals on farms, environmental waste monitoring, field devices for police to detect threats, feedback sensors for firefighters in search and rescue and much, much more.

Perhaps the best way to imagine IoT – and to borrow a phrase from a research paper at the Social Science Research Network – is to think of IoT as an “inextricable mixture of hardware, software, data and service” [11]. Which of course is to say that the potential is close to limitless.

According to the CEO of Cisco, Chuck Robbins, the IoT industry is expected to be worth $US19 trillion globally by 2020 [12]. Closer to home, Frost & Sullivan is tipping the Australian market for IoT – just in terms of home devices, such as in security or energy management – to be worth $200M by 2020. [13]

Taken together, this means that in the near future just about everything you use, and everywhere you go, devices will be hooked up to each other communicating, sharing data, and enabling a future that once was the realm of science-fiction. The potential boon for society is immense, but so too are the risks.

“For $6 in Bitcoin, I can rent time on a DDoS tool and bring down most websites. Better yet, if I send just the right type of packet to their web servers, I can crash the site for free.”
A Thief’s Perspective (interview), Intel Security, 2015 [18]
IOT – A FUTURE OF CONNECTED DEVICES
As barriers to entry drop we will see an uptake of IoT, creating a future where attack vectors are everywhere. Source: IoT Alliance Australia

• 99% of things in the world are still not connected
• 20x: cost of sensors, past 10 years
• 40x: cost of bandwidth, past 10 years
• 60x: cost of processing, past 10 years
• 1T: 1 trillion connected things by 2035

Considerably more devices will be connected to each other and the internet: Intel predicts there will be as many as 200 billion devices by 2020. [14] And if you remember our primer at the start of this document, that is one very large, very vulnerable attack surface. It should go without saying that the threat potential from IoT is beyond vast, and therefore cybersecurity practices must form part of IoT development from the ground up. For example, car manufacturers need to build security protocols into the sensors in smart cars to ensure they can’t be turned against the driver to cause injury or death. Something which, unfortunately, is currently not the case (see next section, Autonomous systems).

“Although a successful attack on industrial IoT devices with an installed base of hundreds of millions would likely cause havoc, one device at a key point in a critical infrastructure control system could be far more devastating.”
McAfee Labs 2016 Threats Predictions [15]

Botnet armies

Somewhat related are botnets. A bot (sometimes called a ‘zombie’) is a remotely-controlled and compromised – unbeknownst to the owner – computing device that’s connected to the internet. This could be a desktop computer or a laptop, but it can also be a webcam, a modem, or a Wi-Fi router, all of which almost everyone has in their home today. Unfortunately, again, poor security design sees devices like these come with only basic security that can be easily bypassed, allowing cybercriminals to install malware and control the device remotely.

Collect enough bots and you have a botnet, and with a botnet you can launch a distributed denial-of-service (DDoS) attack. In large enough numbers, such an attack can take down websites and knock services offline – something we saw first-hand earlier this year when the Australian Bureau of Statistics eCensus website was very publicly attacked.

This is to say nothing of what happens when IoT devices take part in a DDoS, which we know they already do. In fact, the world’s largest DDoS occurred in August of this year knocking out French internet service provider OVH, suffering an attack that transmitted a record-breaking 1Tbps [17]. To put this into perspective, a 1Gbps attack is sufficient to knock most businesses anywhere in the world offline, and this attack was 1000 times stronger. It was only earlier in 2016 that the previous record came in at 579GBps. That is, we have already seen almost a doubling of capability in less than a year, and at a volume so high that very few very large players – the Googles and Akamais of this world – are able to withstand.

Analysis of the attack on OVH revealed it consisted of some 145,000 devices, the majority of which belonged to internet-connected CCTV cameras and DVRs (digital video recorders) typically used in business and home surveillance.

Such products make ideal bots because their limited functionality provides less scope for security software; they’re often headless, meaning a user doesn’t have a display or other means to interact with them to monitor activity. They almost always come with a default administrator password that nobody changes because it requires effort and a bit of technical know-how – allowing cybercriminals to walk through the front door and take it over.

This is a great example of how lack of security design enables cybercrime – who would think to hack a CCTV? But that’s the line of thinking that engenders security flaws. And once a flaw is out there, it often can’t be fixed: the cost of updating the devices could be ruinous for a company if they need to be recalled, as not every device supports the ability to be updated remotely. Prevention, then, is better than cure.

Recently, cybercriminal botnet operators have moved to self-sustaining botnets that continually find new devices to infect and add to the flock, even while others may be taken offline [16]. This has led cybercriminals to sub-lease access to their botnets on the cheap, meaning anyone with a grudge and $50 can bring down a website.
MORE DEVICES, MORE THREATS
The growth in user-centric mobile and IoT devices will see greater exploitation of personal data. Source: McAfee 2016 Threats Predictions
Tablets: 2015 – 248 million; 2019 – 269 million
Wearable devices: 2015 – 200 million; 2019 – 780 million
IoT devices: 2015 – 15 billion; 2020 – 200 billion
Global public cloud market size: 2015 – $97 billion; 2020 – $159 billion

WHEN SECURITY IS AN AFTERTHOUGHT

One of the most potent botnets to date is Lizardstresser, by the infamous Lizard Squad DDoS group. In 2015 the group released the source code, allowing others to make their own. This has resulted in copy-cat groups and a stark increase in botnets-for-hire.

Lizardstresser relies on cheap IoT hardware to build large botnet armies, using shell scripts (simple text-based scripted programs) to scan IP ranges and to attempt access using hardcoded usernames and passwords (usually all related to administrator logins).

It’s so successful because many IoT devices are manufactured with the same default login credentials. Additionally, these same devices are also often simply plugged in and turned on, and have unfettered access to the internet through whatever corporate or home networks they are connected to. This makes them easy targets to enslave into botnets.[19]
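The default-credential sweep described in the sidebar above leaves a recognisable trace in device login logs. The following is an added example, not code from the report: it flags sources that fail logins with several factory-default account names in a short window, then reports any successful default-account login from such a source. The log format, the account-name list, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format (constructed for this example):
#   <ISO time> <device> login <failed|ok> user=<name> src=<ip>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<device>\S+) login (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Illustrative set of account names often shipped as factory defaults (assumption).
DEFAULT_USERS = {"admin", "root", "user", "guest", "support"}

# Constructed sample input; addresses are from documentation ranges.
SAMPLE_LOG = """\
2016-10-01T02:14:03 cam-lobby login failed user=root src=203.0.113.7
2016-10-01T02:14:04 cam-lobby login failed user=admin src=203.0.113.7
2016-10-01T02:14:06 cam-lobby login failed user=support src=203.0.113.7
2016-10-01T02:14:09 dvr-store login failed user=root src=203.0.113.7
2016-10-01T02:14:11 dvr-store login ok user=admin src=203.0.113.7
2016-10-01T08:30:00 cam-lobby login failed user=alice src=192.0.2.10
2016-10-01T08:30:20 cam-lobby login ok user=alice src=192.0.2.10
2016-10-01T09:00:00 dvr-store login failed user=admin src=198.51.100.4
garbage line that does not parse
"""


def parse_events(text):
    """Parse log text into event dicts, skipping lines in any other format."""
    events = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        event = match.groupdict()
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%S")
        events.append(event)
    return events


def detect_sweeps(events, window=timedelta(seconds=60), min_users=3):
    """Return {src: default usernames tried} for sources that failed logins with
    at least min_users distinct default account names inside one time window.
    Failures are pooled across devices, since a sweep walks many hosts."""
    failures = defaultdict(list)
    for ev in events:
        if ev["result"] == "failed" and ev["user"] in DEFAULT_USERS:
            failures[ev["src"]].append((ev["ts"], ev["user"]))
    flagged = {}
    for src, attempts in failures.items():
        attempts.sort()
        for i, (start, _) in enumerate(attempts):
            users = {u for t, u in attempts[i:] if t - start <= window}
            if len(users) >= min_users:
                flagged[src] = sorted(users)
                break
    return flagged


def likely_takeovers(events, flagged):
    """Successful default-account logins from a flagged source: the device
    should be treated as compromised and its credentials changed."""
    return sorted(
        (ev["device"], ev["user"], ev["src"])
        for ev in events
        if ev["result"] == "ok"
        and ev["user"] in DEFAULT_USERS
        and ev["src"] in flagged
    )


if __name__ == "__main__":
    parsed = parse_events(SAMPLE_LOG)
    sweeps = detect_sweeps(parsed)
    for src, users in sweeps.items():
        print(f"sweep from {src}: tried {', '.join(users)}")
    for device, user, src in likely_takeovers(parsed, sweeps):
        print(f"ALERT {device}: default account '{user}' accepted from {src}")
```

A single mistyped login, or a failed login on a non-default account, does not trip the rule; only the combination of several default names from one source does.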
Attacks on automobile systems will increase rapidly in 2016 due to the rapid increase in connected automobile hardware built without foundational security principles.
McAfee Labs 2016 Threats Predictions[15]

Autonomous systems

As technology continues to permeate our lives, we move from operating technology to integrating with it. This is especially true of autonomous systems that are by definition designed to blend in with our society, becoming second nature.

By the same token however, reliance on such systems makes the outcome of their abuse potentially more damaging. Typically, these technologies also integrate into critical infrastructure, such as payment systems and – in the case of autonomous cars – the transport network, making protecting them from cybercrime a pivotal focus for cybersecurity.

Driverless cars and transport

At the moment, driverless cars are stealing the limelight of autonomous systems. While so far there have been no documented cases of wilful misuse, it’s already been demonstrated that autonomous cars can be remotely controlled.

In 2015, 1.4 million Jeep Cherokees were recalled after hackers demonstrated that the cars could be taken over remotely through the entertainment system.[6]

Similar abuse of access has also been demonstrated with cars from Mercedes, BMW, Toyota, Audi and Fiat – all due to poor security in the design process.[20][21][22]

It’s not hard to see that in the wrong hands such abuse could result in cars being used as weapons to maim or kill pedestrians – or even the occupants themselves – on the road. According to Business Insider in its Connected-Car Report, there will be 220 million autonomous cars on the road by 2020.[23]

McAfee’s 2016 Threats Predictions Report notes that “poorly secured driverless cars and smart highways will further expose drivers and passengers in 2017 and beyond, likely resulting in lost lives…”, and that “recent vehicle hacks are a great example… selectively modifying communications and commands so they can take control or affect what the vehicle does. This has a potentially terrifying result.”[15]
THE ATTACK SURFACE OF A MODERN CAR
Many car systems have not been designed with security in mind, making it possible to hack into a car via smartphone or laptop. Source: McAfee 2016 Threats Predictions
Components labelled in the diagram include the airbag ECU, USB, Bluetooth, remote key, passive keyless entry, TPMS, and the steering and braking, engine and transmission, lighting system (interior and exterior), ADAS system and vehicle access system ECUs.
BIRTH AND REBIRTH OF A DATA BREACH
An example of how one breach can lead to another (in this case, harvesting payment data of consumers after first breaching a POS vendor). Source: Verizon 2016 Data Breach Investigations Report
Stages labelled in the diagram: phishing; person; email link; email attachment; user desktop; malware installation; alter behaviour; steal credentials; use of stolen credentials; direct install malware; backdoor, C2, RAM scraper, export data; POS terminal/controller; payment.

ATMs and Point of Sale

Credit cards have long been the target of fraudsters, spurring the development of RFID chips and other protective technology in the banking ecosystem. However, security is an arms race, and threats such as skimming are now a global phenomenon, allowing data from cards to be read and transmitted wirelessly in real time from ATM machines and point of sale devices.

Indeed, point of sale systems as a whole are their own sub-category of cybercrime infiltration, being the weakest point of the payment processing system, and so it’s not uncommon to find malware specifically designed to pull data from embedded systems in POS terminals (see ‘Birth and re-birth of a data breach’ diagram, above).

Now, of course, the technology has progressed further with contactless pay systems from the likes of Apple (Apple Pay) and Google (Android Pay), as well as players like Samsung (Samsung Pay, of course) that allow consumers to pay simply by waving their smartphone over a device – which presents yet another attack surface for cybercrime.

They’d been inside our network for a long period, about two years. And the way it was described to us was they’re so deep inside our network it’s like we had someone sitting over our shoulder for anything we did.
Daryl Peter, IT Manager, NewSat 2012-2014[85]
WHAT ABOUT WEARABLES?

Wearables are rapidly gaining popularity with smartwatches such as the Apple Watch and Samsung Gear, as well as exercise wearables like those from FitBit and Jawbone. According to ABI Research, an estimated 780 million wearable devices will be in circulation by 2019.

Now you might be wondering just what would be so bad about hacking a fitness wearable? This is exactly the line of thinking that allows cybercrime to occur.

Wearables are tracking all sorts of personal information including GPS location, blood pressure, heart rate, and anything else you feed them such as weight or diet. Such personally identifiable information could be used as a base to target you for spear-phishing, or aid in identity theft. But the real opportunity is these devices linking to your smartphone, where phone numbers, more personally identifiable information, emails, web logins etc. could theoretically be compromised.
Cyberwarfare

Once the domain of science fiction, cyberwarfare is now very real, with most superpowers now having dedicated cyberwarfare divisions of the military. And while there have been few known, co-ordinated cyberattacks on physical targets, we don’t need a crystal ball to predict the future: they will only increase.

Most modern countries now are treating cyberspace as another military domain, in addition to land, air and sea.
Dmitri Alperovitch, Cybersecurity industry executive[25]

It’s telling that we are now in an age where governments, political groups, criminals and corporations can engage in cyberespionage, cyberwarfare, and cyberterrorism. The Prime Minister, Malcolm Turnbull, announced at the Australia-US Cyber Security Dialogue in September that Australia is well equipped to both defend against and carry out cyber-operations.

We now live in a world where warfare can be conducted entirely virtually – though the consequences will almost always have repercussions in the physical world.

Automated attacks

Much of what we talk about with regards to ‘hacking’ is a function of people at keyboards finding and abusing weak links in security. It is a skilled and time-consuming process.

However, in the ever-evolving arms race between subversive elements and cybersecurity, a move to automating such attacks would have clear benefits: whereas exfiltration may have taken days by skilled personnel, automated attacks can reduce this to hours – infiltrating, searching for a payload, gobbling it up, encrypting it, and sending it out over the network before the host machine’s security personnel even knows what’s happened.

The defence to which, of course, is to automate security to combat automated attacks – computer software fighting computer software, all without human intervention.

And while this sounds like a sci-fi movie, the reality is it’s already here – in August this year the world’s first automated cyber-hacking contest was held at DARPA (Defence Advanced Research Projects Agency), which saw supercomputers battle it out for a $2 million prize, the win going to a perhaps appropriately named machine called ‘Mayhem’.[45]

Almost half the security professionals surveyed think it is likely or extremely likely that a successful cyberattack will take down critical infrastructure and cause loss of human life within the next three years.
Critical Infrastructure Readiness Report, Aspen Institute and Intel Security, 2015[25]

ENERGETIC BEAR

One of the more well-known nation-state sponsored tools of cyberwarfare currently active is Energetic Bear. First uncovered in 2012, and believed to be sponsored by Russia, Energetic Bear used the Havex Trojan to gain access to company networks, particularly those in the energy sector, though it has also been found in manufacturing, construction, health care and defence companies.

Primarily designed for cyberespionage, when the threat was first mapped in 2014 by security firm Kaspersky Labs, it identified nearly 2,800 victims worldwide, affecting countries including the US, Spain, Japan and Germany.[44]
230,000 PEOPLE LOST POWER WHEN 30 SUB-STATIONS IN WESTERN UKRAINE WERE SHUT DOWN VIA A REMOTE ATTACK

Cyberattacks on infrastructure

As societies around the world depend ever more heavily on technology, the ability to shut down or destroy infrastructure, take control of machines and vehicles, and directly cause the loss of life has become a reality. To date, some of the more well-known examples of cyberattacks on infrastructure include:

• In 2008 when Russia sent tanks into Georgia, the attack coincided with a cyberattack on Georgian government computing infrastructure. This is thought to be one of the first land and cyber coordinated attacks.[39]
• Also in 2008, Stuxnet – a computer worm purportedly jointly designed by the US and Israel – crippled Iran’s nuclear-enrichment program by sabotaging centrifuges.[40]
• In 2014 a German steelworks was disabled and a furnace severely damaged when hackers infiltrated its networks and prevented the furnace from shutting down.[41]
• In 2015, with an attack strongly suspected to have originated from Russia, 230,000 people lost power when 30 sub-stations in Western Ukraine were shut down via a remote attack. Operators at the Prykarpattyaoblenergo control centre were even locked out of their systems during the attack and could only watch it unfold.[42]

In all of these, and as an indication of how the landscape of war is changing, the weapon of choice for these attacks wasn’t guns or bombs – it was a keyboard.

French Caldwell, Chief Evangelist at governance, risk, and compliance apps company MetricStream, at a cybersecurity summit earlier this year noted that “this is the canary in the coalmine. Much more of this will come.”[43]

We can expect governments around the world to strengthen their cyberattack and defence capabilities, spurring an arms race that will operate at a much faster pace than we saw in the Cold War. But here the results could be much more subtle – as noted in the McAfee 2016 Threats Predictions report, “they will improve their intelligence-gathering capabilities, they will grow their ability to surreptitiously manipulate markets, and they will continue to expand the definition of and rules of engagement for cyberwarfare.”[15]
WHEN SOFTWARE KILLS

It’s easy to forget that computers can have life-threatening consequences. Here are some well-known examples of what happens when technology fails due to small mistakes in computer code.

Therac 25
This is so well known that it’s now taught in computer science curriculums. Therac 25 was a Canadian medical machine designed to help save lives by administering targeted doses of radiation to kill cancer. Instead, a rare software glitch saw patients receiving 100 times the necessary dose. In a period from 1985-1987 five patients died, while many others were seriously injured.[29]

Patriot missile
During the Gulf War in 1991 a Patriot missile failed to intercept a Scud missile due to a software fault, resulting in the death of 28 US soldiers and injuring 100 others.[30]

Toyota’s ETCS
Toyota recalled 8 million vehicles worldwide starting in 2009 after faults with the Electronic Throttle Control System resulted in the death of 89 people.[31]

Tesla’s autopilot
In July 2016 a man died while relying on the autopilot function of his Tesla Model S when it failed to detect a trailer, crashing into it.[32]

These are examples of unintended software faults, but subtle manipulation of data could intentionally result in loss of life, and remain undetected until this occurs. Military officials in the US have even raised concerns that Chinese hackers known to have infiltrated defence contractors over the last decade could have already altered code for weapon systems, sitting dormant until the next major conflict.[33]

America’s top spies say the attacks that worry them don’t involve the theft of data, but the direct manipulation of it, changing perceptions of what is real and what is not.
Patrick Tucker, Defense One[27]
Data manipulation

Not all attacks are about theft or destruction. A more sinister cause is the manipulation of data in place – such that machines can be controlled or the wrong information reported to human operators without their knowledge.

The biggest threats in cybersecurity today are around the large scale proliferation of targeted attacks – from breach and email distribution of socially engineered ransomware to potentially harmful attacks on critical infrastructure like energy networks.
Rodney Gedda, Senior Analyst, Telsyte[53]

It’s clear if a cybercriminal releases stolen usernames and passwords on the web. It’s much less clear if data belonging to a business has been modified – with those who own the data none the wiser. As no destruction is caused such intrusions here can be harder to detect, if they’re detected at all. Yet even the smallest alterations can have serious consequences and implications.

James Clapper, Director of US National Intelligence, said it succinctly when he stated, “Decision making by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving.”[27]

Backdoors and espionage

Backdoors are particularly concerning because they can be both hard to discover and provide unfettered access to a system or entire network.

A compromised system can provide cybercriminals or a nation-state the ability to spy on data, or alter the data in place. And for as long as a system is compromised, abuse of privilege will be ongoing.

By way of example, in 2015 Juniper Networks announced it had discovered multiple backdoors in its firewall operating system code installed with its products – the same products used to protect corporate and government systems around the world. These backdoors had been active for at least three years.

One of the backdoors gave remote control of the firewall to an outside user, while another disturbingly allowed for the decryption of traffic running through a Juniper Networks firewall, allowing traffic to be eavesdropped. The sophistication and nature of this breach points to a nation-state as the culprit.[34]

Cloud concerns

As with any successful technology, the more popular it becomes the larger a target it also becomes. Cloud is now well entrenched as a concept and a service offering, and indeed many businesses now rely on cloud services to operate.

On the one hand this can make security easier for companies outsourcing their data to lie on a cloud service where the cost of security is carried by the vendor, but on the other it centralises cloud services as highly viable targets for attack.
BLAST FROM THE PAST

Perhaps one of the more prominent examples of cyberwarfare – even before the internet became ubiquitous – comes from the cold war in 1982 when a Siberian oil pipeline exploded, creating at the time one of the largest non-nuclear explosions in history, so large it was visible from space. Later the cause was revealed to be a Trojan horse implanted by the US in pipeline equipment sold from a Canadian company on to Russia. End result: economic sabotage facilitated by computer software.

SMART CITIES – BRITAIN’S NEIGHBOURHOOD@BROOMHILL PROJECT
A small sample of the types of IoT sensors in a smart city apartment block. Source: IoT Alliance Australia
Sensors shown include local weather and temperature, gas detection, carbon monoxide, cistern and tank levels, PIR sensors, humidity level, communal windows, smoke detection, communal lighting, lifts, movement and noise related to ASB, and communal open doors.
AUSTRALIANS ARE BECOMING INCREASINGLY CONNECTED ONLINE
As Australia becomes ever more connected, cybersecurity becomes ever more important. Source: Commonwealth of Australia, Department of the Prime Minister and Cabinet, Australia’s Cyber Security Strategy.
• 90% of Australians will be online by 2017
• 2 in 3 Australians have social media accounts
• 1 in 2 Australian small and medium businesses receive payments online
• Most Australians spend almost 1 day online per week
• The market for connected home devices is expected to grow 11-fold to 2019
• By 2019, the average Australian household will have 24 devices connected online
• 84% of Australian small and medium businesses are online

But there’s also a less obvious concern here: sovereignty.

Security of cloud data is not just about encryption, but also the sovereignty of access when data is physically located in an overseas jurisdiction. The internet may have no borders, but data itself still lies within traditional real-world boundaries and in turn may be bound by the laws of a foreign nation.[35]

Further, even if we trust in the laws of a foreign nation there’s no guarantee they won’t change, and data that was previously protected could be subpoenaed, accessed by government departments, or shared with third parties without consent.

A good example of how the landscape can change is the news earlier this year that in Russia, ISPs are now required to store both the metadata and content of communications, and hand over encryption keys for any encrypted data[36]. Any cloud data passing through an ISP can become readable by Russia’s government and intelligence services. This had the immediate fallout of some popular VPNs closing their Russian nodes, and in at least one known case[37] servers were seized from the VPN provider under this law.

With cloud expected to grow by around 18% through 2016[38], concerns around the sanctity and sovereignty of cloud data are only going to increase.

Nation-state cyberwarfare will become an equaliser, shifting the balance of power in many international relationships just as nuclear weapons did starting in the 1950s.
McAfee Labs 2016 Threats Predictions[15]
THE GROWING CYBERATTACK SURFACE
More devices, more users, more data – every year. Source: McAfee 2016 Threats Predictions
More users: 2015 – 3.0 billion; 2019 – 4.0 billion
More smartphone connections: 2015 – 3.3 billion; 2020 – 5.9 billion
More data: 2015 – 8.8 zettabytes; 2020 – 44.0 zettabytes
More IP-connected devices: 2015 – 16.3 billion; 2019 – 24.4 billion
More network traffic: 2015 – 72.4 exabytes per month; 2019 – 168.0 exabytes per month

Virtualised threats

As a result of the growth in cloud services, there has been an explosion in the use of virtual machines for business, making these prime targets for cybercrime.

Fortinet notes, “growing reliance on virtualisation and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals.”[5]

And, as McAfee’s 2016 Threats Predictions report notes, “how do you accurately track and attribute an attack, with all of the obfuscation possible with clouds and virtualisation?”[15] It goes on to state, “if we keep our stuff in the cloud and access it from a phone, tablet, kiosk, automobile, or watch (all of which run different operating systems and different applications), we have substantially broadened the attack surface.”

Indeed, the use of apps that rely on the cloud will also allow mobile devices running compromised apps to serve as a way for hackers to remotely attack and breach public and private corporate networks.[5]

Finally, there’s one other consideration: cybercriminals can use cloud services themselves, providing powerful resources for processing power and storage, and the ability to appear and disappear at the click of a button.
Industry and the individual

While large security breaches make the news, the majority of cybercrime involves fraud targeting businesses and individuals. Here, a mixture of malware and social engineering can see financial fraud resulting in the loss of thousands, all the way up to millions, of dollars.

Malware is still very popular and growing, but the past year has marked the beginnings of a significant shift toward new threats that are more difficult to detect, including file-less attacks, exploits of remote shell and remote control protocols, encrypted infiltrations, and credential theft.
McAfee Labs 2016 Threats Predictions[15]

And, it’s also some of the hardest crime to combat – largely due to the sheer scope of attack surfaces which can range from desktop computers through to laptops, tablets and smartphones.

Sometimes, the vector is simply a phone: using social engineering through an employee to gain access to a network, or con an individual out of money – as in the classic technical support scam, of which the Government has a great summary at www.scamwatch.gov.au (also a great site to learn about other online scams).

Ransomware and Cryptoware

The ease with which amateur cybercriminals can get their hands on tools to extort money is increasing. So far in 2016 we’ve seen a prevalence of cryptoware targeting both enterprise and individuals, requiring the payment of a ransom to unlock encrypted files.

The most well-known of these was Cryptolocker, said to have earned its creators $US3 million before it was shut down by a consortium involving the US, the UK, and a number of security vendors and researchers.

While in an ideal world these ransoms would never be paid – and thus not encourage extortion as a business model – with victims opting to restore data from backups instead, the reality is that this isn’t always practical. This is especially true for companies, where the downtime or lost productivity from denied access to the data can be higher than the price of the ransom.

Recently, however, the ante was upped with the appearance of ransomware that claims to have encrypted files and asks for payment for the decryption key, but in fact the files have simply been deleted unbeknownst to the owner.[46] Known as Ranscam, the one upside to this change in tactics is that if it becomes the prevalent form of ransomware, it will destroy the trust – or what little there is – between the criminal and the victim that the data will be recoverable. No honour among thieves, it seems.

Multi-vector attacks

Taking advantage of multiple concurrent attack mechanisms, a single attacker may try to penetrate an organisation on multiple levels in order to access different data, such as targeting the CFO with social engineering, with the aim to secure financial information while using spear-phishing targeted at office staff to get malware installed.