Cyber security expert ECU’s Associate Professor Paul Haskell-Dowland has warned cybercrime costs the global economy a trillion dollars (US) and more than half of businesses do not have a plan to counter an attack.
He was guest speaker at the Netlink rebrand and security service relaunch at Perth’s Optus Stadium recently where Netlink Founder and Managing Director Steve van Blommestein assured attendees the company had an enterprise security suite designed to keep customers as safe as possible.
“I’ve had friends whose businesses have been shut down and that’s frightening,” he said.
“There is a rapidly growing requirement for business to keep themselves safe from cybercrime or they could find their businesses literally out of their control if they do nothing.”
The rebrand is the second in the company’s 27 year history and Mr van Blommestein said it clearly reflected the contemporary company Netlink had become and its ethos of providing simple solutions to complex problems.
“For over 20 years Netlink has been at the forefront of providing complete managed ITC services to its clients and cyber security has always been a large part of our bundle of products and services we offer our customers,” he said.
“Most of the breaches and attacks in the past were smaller organisations seeking ransomware and targeted phishing scams seeking payment for forged invoices."
“Today Digital Disruption has become the new norm. Countless companies and organisations have fallen victim to cyber-attacks, distributed denial of service and escalating ransomware."
“Not only have attacks become more common they have also become more sophisticated. So much so that the average corporate and enterprise clients do not have the knowledge or ability to fight off cybercrime independently."
“This has been the main driver for Netlink to expand its’ Cyber Security as a Service [CSaaS] suite of services, products and professional expertise."
“Using our services and global best-of-breed products, we have built a comprehensive and fully integrated, Cyber Security Solutions for our corporate and enterprise customers.”
Associate Professor Haskell-Dowland described the devastation companies could sufferer from hackers stealing information or using sophisticated ransom wear to cripple systems and extort money.
He used the case of a crematorium to show how susceptible some businesses were. Its computer system was relatively easily infiltrated by ethical hackers who then controlled such things as the furnace temperature and clients’ personal details.
He said despite the magnitude of the problem, 56 percent of businesses, big and small, do not have adequate safeguards.
“That’s horrifying considering there is a trillion dollars’ worth of damage being done every year; roughly $29 billion in Australia,” he said.
The presentation looked at the evolution of hackers as the ‘technology explorers’ of the early days, to the well organised cyber criminals with global reach of today.
The Professor explained American Kevin Mitnick was among the most notorious of his time and once regarded as America’s ‘most wanted’ before his arrest and incarceration in 1995 for computer crimes. He now runs Mitnick Security, a global provider of internet security specialising in testing security for governments, organisation and enterprises. He also commands a ‘six figure fee’ as a guest speaker.
Further, he said just as the IT industry had evolved rapidly, so too had cybercrime, where ‘hacks’ could be outsourced to collectives like Cult of the Dead Cow, many offering 24 hour support lines and using specialised search engines like Shodan to detect vulnerable technologies like webcam software.
A panel discussion of experts at the end of the Netlink relaunch heard that hackers using artificial intelligence can move faster than a human being can react and if businesses can’t match that technology, they would continue to lose.
The panel stressed the importance of backing up systems, testing those backups were working and importantly, then knowing how to restore them.
Associate Professor Haskell-Downland said history was littered with examples of organisations which assumed their backups were working, but after a critical incident found them blank because of technical failings.
“Even when you have system that’s reliably backing up your data, does anyone know how to restore it?” he asked.
“So many organisations have a backup system; maybe using the Cloud, but if they have no one on site who can reinstall the operating system, reconfigure applications and then download the data onto it, you don’t have a backup system."
“What you have is a data which is safe but that’s not a backup system. You need the entire thing from backup to recovery, and it needs to be rehearsed and not just at an individual computer level; you’ve got to do a to-scale process every now and again making sure that when that disaster occurs, you’ve got very clearly laid-out protocol and it’s rehearsed.”
