NBN hack attack a sign of bigger security issue: M86
- 04 August, 2011 14:04
Australia recently experienced its own high profile security scare when a NSW man was charged with hacking a National Broadband Network (NBN) provider.
The furore reached a point where Communications Minister, Senator Stephen Conroy, went to great lengths to emphasise that the NBN was not compromised or hacked, as the provider technically wasn’t signed-up for the NBN when they were hacked.
Whether the provider was part of the NBN or not, the hack has been positioned by the mainstream press as the first if its kind in Australia, though security vendor, M86, believes that this type of activity is happening to other networks around the country.
“Is it the first attack that has occurred in Australia? Absolutely not. Is it the first attack that has actually been caught and discovered? Yes,” M86 Asia-Pacific vice-president, Jeremy Hulse said.
“The reality is that attacks like this are happening in Australia, but I doubt that a lot of people are reporting it or aware that it’s going on.”
Hulse suspects that this hack points to a bigger issue of what exactly is going on in people’s networks that they’re not aware of.
“Could someone out there have access to all of your information?” Hulse hypothesised.
“In all reality, it’s much more beneficial for an individual to have access to something and not let anybody know that they have access to it than to actually try and do what this person was doing, which was damage and harm.”
The NBN attack has highlighted the ease with which anyone can access scripts from theWeb and hack into a network without much professional knowledge.
“What’s happening now is the malicious part of the hacking world has uncovered a few major flaws by which they can get around some of the most stringent security techniques available today,” Hulse said.
“A lot of it, we’re finding, is based on malware hidden within Web pages in very tricky ways and not signature based.”
Since this malicious code changes regularly, the ways that people can access the tools to hack is much easier, making traditional signature and database protection technologies ineffective.
“In 2007, what we saw was anti-virus signature and database technology capable of picking up 97 per cent of malware,” Hulse said.
“What we’ve seen coming into this year is that signature and database technology are only capable of capturing about 40 per cent of the malware floating around today.”
Hulse suggests the approach to looking at and stopping this type of signature needs to be multi-faceted, and there is no one solution fits all.
He also recommends moving beyond the thinking of just creating an anti-virus signature and instead looking at behavioural techniques to actually stop the malware.
“We have to employ much deeper techniques, as the cost of cybercrime annually in 2007 was $21 billion and annual spending on security was $22 billion, while those numbers have grown to $100 billion and $33 billion, respectively, in 2011,” Hulse said.
“So the whole industry has not kept up with the growth of hacking.”
When it comes to Australian business protecting themselves, Hulse recommends taking action sooner rather than later.
“I don’t think we’ve seen the last of the hacks, it will be an ongoing problem, and the reality is that it really needs to hit home that it’s an issue that people need to look at,” Hulse said.
“My question would be who is next and when is it going to occur, because it’s not an issue of 'if' anymore.”
M86 recently found that spam is down but malware attacks are up in the first half of 2011.