A cyber security report has found that the energy industry is the most targeted private sector for cyber attacks, with the highest number of compromised systems and among the most likely to receive malicious emails.
The Australian Cyber Security Centre (ACSC) Threat Report 2016 found that in the past financial year, cyber emergency response body, CERT Australia, dealt with 14,804 cyber security incidents, 18 per cent of which were targeting the energy industry.
Of the 14,804 incidents, 418 involved systems of national interest and critical infrastructure.
The report, which provides information about the trends in cyber security and offers solutions to protect against threats, said malicious cyber activity against the private sector risked “the profitability, competitiveness and reputation of Australian businesses”.
Australian networks – such as those of utilities – that hold large amounts of personally identifiable information will continue be targeted by cyber adversaries.
Cyber attacks that target utility equipment and systems can also cause long, expensive delays, due to high industry equipment customisation and longer-than-average lead times.
As utility infrastructure becomes increasingly interconnected and dependence on the grid rises, attacks on the sector could result in widespread economic and psychological damage to the Australian population.
The ACSC identified various types of malicious cyber activities, such as cyber attacks, cyber espionage, cybercrime and cyber terrorism.
The report found that the most recent trends in threats to cyber security include:
- Spear phishing involves using increasingly sophisticated socially engineered emails to acquire company information. Social engineering uses manipulation and deception to create trust and draw out information.
- Ransomware is a campaign where a compromised system encrypts important files and then takes the victim to a site where a ransom in bitcoins can be paid to regain access to the files.
- Malvertising is when malware-infected advertisements are inserted into legitimate sites and downloaded when victims click on the advertisements.
- Secondary targeting occurs when low-value targets are accessed by cyber adversaries because of their trust relationship with the real target. This can be used to gain information or access to the target systems.
The ACSC said, “In cyber security, prevention is better than a cure”, recommending companies take appropriate preparation, including identifying, monitoring, maintaining critical systems and processes.
The report also instructs businesses to have systems in place for swift response, such a lists for emergency personnel or mechanisms to identify affected parts of the network.
Organisations should reflect on how much personal information they actually need to collect, the systems in place to protect it, with whom it is shared, and expectations on the staff who manage the information.
The ACSC relies on voluntary self-reporting, and encourages companies to report cyber incidents as much as possible, as this increases the understanding of the “threat picture” for Australian networks.
Is your utility prepared for the threat of cyber crime? Our event, Secure Utilities, being held at the Rendezvous Hotel in Melbourne on 23 March 2017, will ensure you’re up to date with the latest thinking and technology to keep your utility’s assets and data safe.