COVID-19 has impacted our work environment and associated cyber security landscape like no other global event in recent history. Understanding the vulnerability and building cyber security capability is key to building a resilient cyber strategy.
On 19 June 2020, Prime Minister Scott Morrison announced that Australian governments, businesses and political organisations, are actively "being targeted by a sophisticated state-based cyber actor".
In the wake of this startling revelation, the federal government announced it will create more than 500 new jobs to boost the cyber security capabilities of the Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC).
Representing the largest ever investment in cyber security in Australia, this is part of the federal government’s $1.35 billion to develop new capabilities and improve the understanding of malicious cyber activity to better detect and defeat emerging threats.
As with so many other ill-fated sectors of the economy, the number of cyber attacks has also grown since COVID-19’s global spread. Keeping ahead of these threats is now more imperative than ever.
At the time, Morrison said “we know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used". In cyber speak, an advanced persistent threat (APT) is an attack in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network to mine highly sensitive data.
APTs are not new and often state sponsored. A well-known attack, APT38, also dubbed ‘Lazarus’, was backed by the North Korean government and was widely credited with the 2018 WannaCry ransomware attacks. Other APTs have reportedly been responsible for election tampering as well as extensive targeting of the defence, technology, energy, and healthcare sectors.
Over time the risk hasn’t diminished. Earlier this month, Australia's Defence Minister Linda Reynolds said the following:
Nations are increasingly employing coercive tactics that fall below the threshold of armed conflict… Among the greatest of these threats are cyber-attacks. With growing frequency, these attacks target all levels of Australian society. Government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
COVID-19 has impacted our work environment and associated cyber security landscape like no other global event in recent history. The remarkable transition to remote home office, often with reduced controls, has increased our vulnerability to malicious cyber activity.
KPMG’s global cyber intelligence team has seen a global increase in cyber-attacks since the start of COVID-19. This includes attacks on Australia. The official stance from government in June is a reminder that that we are under a relentless cyber-attack aimed at all sectors of our community, not just government or the ‘big-end’ of town.
With the increase in geo-political tensions and the reduction in global wealth, this situation is unlikely to go away.
Protection will always be the best remediation. It is critically important to improve, update and continually monitor our national cyber security as a vital part of Australia’s national defence strategy. Amidst COVID-19 we need to remain vigilant and conscious that we are only as strong as our weakest link.
A first step is to have the right mindset and the recognition that any person or organisation can be a victim irrespective of the sector you work in or position you hold. Last year saw a spate of widely-publicised cyber-attacks against Australian universities and individual contractor attacks on government and business alike.
To protect we can:
Good cyber security practice includes: