In the aftermath of the cyber-attack on a US fuel pipeline in early May, Governments all over the world are reconsidering their exposure to cyber risk and the vulnerability of their infrastructure systems (The Economist, 2021). Even in Australia, the Secretary of the Home Affairs Department, Mike Pezzullo, is concerned about the possibility of a cyber-attack targeting Australian infrastructure in the near future (Haydar, 2021). Here, the provision of critical services such as energy, water and transport appear to be of particular concern (Haydar, 2021). While cyber-attacks are not a new occurrence for neither Australia nor the US (Haydar, 2021; Cohen, 2021), experts are concerned that the frequency and ferocity of these attacks will only increase in the future (The Economist, 2021). Problematically, the sources of these cyber-attacks are often hard to trace and even harder to resolve. Perpetrators of these attacks are motivated by various factors: including money, desire for confidential or classified information and the aim of disrupting operations. In the words of Ariel Cohen, energy and security expert at Forbes, “cyberwarfare is the warfare of the future” (Cohen, 2021).
In this instance, the cyber-attack which led to the closure of a Texas to New Jersey pipeline is attributed to a group named “DarkSide” The Economist, 2021). The attack was so significant as this particular pipeline transports 45% of the fuel for the East Coast of the US (Salam, 2021). The owners of the pipeline, a company called Colonial Pipeline, had to deal with the attack that involved ransomware and disrupted fuel supplies for multiples days (Salam, 2021). According to the Australian Cyber Security Centre (ACSC), ransomware is a form of malware (short for malicious software), that infiltrates your computer and prevents you from using it or accessing files (Australian Cyber Security Centre, n.d.). Then, cybercriminals request money (i.e., ransom payments) in exchange for allegedly returning access to your computer and its files to you (Australian Cyber Security Centre, n.d.; Salam, 2021). Interestingly, ACSC emphasises that they do not encourage making any ransom payments as it is not definite that you will be able to use your computer again, and you could become even more vulnerable to further cyber-attacks (Australian Cyber Security Centre, n.d.).
So, what exactly is malware?
Malware is a blanket term for software that is designed to damage, exploit or disable devices, systems and networks. With the rapid expansion of technology, consequently there are various ways to compromise device functions, steal data and bypass access controls. According to Symantec, there were 246 million new malware variants discovered in 2018 as well as a 25% increase in groups using destructive malware.
What are the most common types of malware?
Viruses target device functions by corrupting data, reformatting hard disks or completely shutting down the system. Computer viruses require human action to activate and can be found in spam emails from so-called “Nigerian princes” or downloads from sketchy websites.
Like the name suggests, Trojans appear innocent while hiding malware. They disguise themselves as legitimate software and create backdoors in security systems to let other malware in.
Unlike viruses, Worms spread without a host file. They spread over networks by exploiting operating system vulnerabilities and can replicate itself to infect other devices.
Adware is an aggressive advertising software than manifests in unwanted advertisements on your computer screen. It can be classified as legitimate or malicious – while legitimate adware asks for permission before collecting data, malicious adware can redirect users to advertising websites, change internet browser settings and collect data without consent.
Hiding in the background, Spyware tracks online activity and steals private information such as passwords and credit card numbers. Spyware is often bundled with legitimate software or in Trojans.
Predicted to cost the world 6 trillion dollars annually, Ransomware holds data captive and demands payment to release the data back to the user. It restricts access to the device by encrypting files on the hard drive or locking down the system. Once the attacker is paid, the system and data typically return back to usual.
Besides the obvious dangers of stealing personal information and shutting down devices, malicious malware also results in huge financial losses. An example of this is the 2000 ‘ILOVEYOU’ worm. Disguised as an emailed love letter, the worm caused over 50 million infections and it cost USD$10 billion to recover deleted files from backups. As one of the first major computer virus outbreaks, ILOVEYOU demonstrated how dangerous spam emails could be. When a user opened the attached love letter, the worm was set free not only to that computer, but also other devices that were connected by searching through documents, photographs and contact lists. Despite the progression of technology, worms prey on the naivety of internet users. ILOVEYOU may seem like a distant time but with the global pandemic, malware can still trick people just as easily by simply replacing the words ILOVEYOU with COVID-19. With cyberattacks becoming more omnipresent as we progress further into the digital age, what can be done to stop it?
Around the world, individual governments have implemented their own cybersecurity strategies, with Australia’s Cyber Security Strategy 2020 comprising of over $1.6 billion (AUD) in funding into upgrading cyber infrastructure, supporting small and medium enterprises (SMEs) as well as the operations of the Academic Centres of Cyber Security Excellence at the University of Melbourne. On paper, Australia’s cybersecurity investments have pushed them to 10th in the world on the Global Cybersecurity Index, yet there is more than one cybercrime reported every ten minutes, with even the RBA warning of the increased risk of cyberattacks, and the implications it has upon the economy.
McKinsey & Co’s research finds that key elements of a successful cybersecurity strategy include:
While Australia satisfies the former two through their updated cyber security strategy in 2020, criticism has been levelled at how the government is implementing their strategy to benefit the private sector, who are a key stakeholder in the cybersecurity battle. Without effective communication and operations between the government and the private sector, no amount of strategic planning can protect private businesses effectively.
Microsoft has also raised concerns regarding the Critical Infrastructure Bill, claiming that individual organisations are better placed than the government to determine how to respond to cyber-attacks. They describe government intervention during the initial phases of a cyber crisis as “extremely invasive”, yet this is a common issue across all governments in their bid to tackle cybersecurity.
Even the UK’s much lauded cybersecurity plans (1st in the world on the Global Cybersecurity Index) has also come under scrutiny over its “digital bureaucracy”, ultimately highlighting the fine line required when the government and private businesses interact to tackle cybersecurity measures.
References:
The CAINZ Digest is published by CAINZ, a student society affiliated with the Faculty of Business at the University of Melbourne. Opinions published are not necessarily those of the publishers, printers or editors. CAINZ and the University of Melbourne do not accept any responsibility for the accuracy of information contained in the publication.
