By Cameron Abbott and Harry Crawford
“Free” Wi-Fi isn’t necessarily so. The Wi-Fi provided in a Starbucks store in Buenos Aires was recently discovered to be planting malware onto customer’s laptops. This is another lesson in how cybersecurity can affect even the most innocuous corner-store businesses.
By Cameron Abbott and Harry Crawford
I’m sure I saw this in Die Hard 4 but “life imitates art”. A new type of malware has been discovered in a very rare field of operation for hackers: attacking industrial control systems. Cybersecurity firm FireEye has been tight-lipped in detailing the attack, but has indicated that it was against “a critical infrastructure organization” which inadvertently caused operations to shut down. The attack is also reminiscent of the infamous “Stuxnet” virus that was used against Iranian nuclear power plants in 2010. Read More
By Cameron Abbott, Keely O’Dowd and Harry Crawford
The Internet of Things (IoT) allows unprecedented interconnectivity for consumers, and unfortunately for those consumers, hackers as well.
The European Union Agency for Network and Information Security (ENISA) recently released a report to provide insight into the security requirements of IoT and good practices recommendations on preventing and mitigating cyber-attacks against IoT systems. The report even includes examples of IoT cyber security attack scenarios.
By Cameron Abbott and Giles Whittaker
Amazon Web Services rolled out an IoT service called IoT Device Defender to limit risks from unsecured IoT devices. The service will monitor an entire fleet of devices for compliance policies and best practices. As such, an organization can set the normal operational parameters and policies for a given fleet of devices and then Device Defender will make sure those policies are enforced.
By Cameron Abbott and Harry Crawford
Researchers are warning that AI threatens to increase the sophistication and effectiveness of cyberattacks, according to a recent blog post by the Wall Street Journal.
By Cameron Abbott, Keely O’Dowd and Olivia Coburn
The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight. The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.
By Cameron Abbott and Olivia Coburn
Drug and vaccine manufacturer Merck & Co Inc has quantified the impact of a cyberattack on its revenue at US$135 million. The company disclosed the figure in its third quarter earnings report.
The cyberattack occurred in June and forced Merck to halt production of its drugs.
By Cameron Abbott, Allison Wallace and Olivia Coburn
The personal details of almost 50,000 Australians have been published online by a third party government contractor, who is yet to be identified. And I guess you would feel a little shy about owning up to this one!
By Cameron Abbott, Rob Pulham and Olivia Coburn
A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.
The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.
Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.
By Cameron Abbott and Olivia Coburn
A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program.
The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane project, Collins Class submarines and the warships HMAS Canberra and HMAS Adelaide. The Government has emphasised that the stolen data is commercially sensitive but not classified.
The announcement coincides with the release of the Australian Cyber Security Centre’s 2017 Threat Report, available here, which reveals that the hack is among 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.
Copyright © 2024, K&L Gates LLP. All Rights Reserved.