Bruce Bennie from Juniper Networks highlights the evolving security risks posed by emboldened, malicious cyber actors.
This year has seen cyber security in Australia come under the spotlight, with the consensus being that we, as a country, need to do more.
In late March, a major news network became the target of the largest cyber attack on a media company in Australian history, temporarily halting the production of both television and online news. In early June, a meat production company was the subject of a ransomware attack that left nearly 7,000 workers in Australia temporarily stood down without pay.
While the issues were eventually resolved, the global nature of the incident placed ransomware and cyber security at the top of the global conversation – so much so that it became a central conversation at the recent G7 Summit, where global economies and leaders committed to “working together to urgently address the escalating shared threat from criminal ransomware networks”. They also called on “all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions”.
Cyber attacks and threats are not, of course, a new issue for Australian companies. Back in 2017, the Australian government created a new military unit tasked with defending the country’s infrastructure against digital threats.
Despite Australia’s ongoing efforts, however, a report from the Australian Cyber Security Centre (ACSC) last year found that there were an average of 164 cyber crime reports per day in Australia, or one every 10 minutes.
Moreover, the findings note that the total estimated cost of cyber security incidents to Australian businesses is as high as $29 billion per year.
The way forward
During the week of the G7 Summit, the Morrison government was called to follow in the footsteps of US President Joe Biden and make ransomware and cyber security a national priority.
The Australian federal opposition introduced a bill earlier this month that would require both businesses and government agencies to notify the Australian Cyber Security Centre (ACSC) before paying a ransom.
Subscribe to the Defence Connect daily newsletter.
Be the first to hear the latest developments in the defence industry.
Similarly, to other global agencies and governments, the ACSC’s advice is to not pay a ransom as there is no guarantee that paying it will solve the issue.
Elsewhere around the world, a number of countries have taken creative steps forward in the fight against cyber crime. Finland, for example, has introduced new legislation that allows its citizens to easily change their personal ID codes should they be at risk of identity theft, while Estonia established a Cyber Defense Unit back in 2014 made up of volunteers trained by the Ministry of Defense.
More recently, the US government elevated ransomware investigations to the same level as threats of national terrorism, and strongly advised the private sector to increase its level of cyber protection.
Better cyber-safe than sorry
Despite calls for Australia to act at a political level, there is a lot that individual companies can do to safeguard against potential cyber threats.
Perhaps most importantly, firms should prioritise having a secure network on which they operate. While it can be easy to get yourself into a false sense of security and think that your organisation won’t be on the receiving end of such attacks, recent numbers suggest it is becoming increasingly likely.
Businesses must therefore take the necessary courses of action. Thankfully, research by Omdia shows that service providers are increasingly focused on addressing the security of their network, but more work needs to be done.
For organisations across Australia, actionable steps that can be taken include setting up next-generation firewalls to reduce the risks of attacks, installing threat-detecting software that can address attacks before any serious damage is done, and making sure that employees access data safely via secure data centres.
Services like these allow a company to gain a greater degree of visibility and control over the entire network, ultimately safeguarding them against potential threats. Nowadays, artificial intelligence (AI) and automation also play an important role in ensuring networks remain secure by analysing and highlighting any potential cyber threats before they strike and reducing the likelihood of human error.
For example, Japanese company Ricoh worked with Juniper Networks to build a secure and scalable network that allows its more than 90,000 employees across the world to access and send data securely.
Part of this expansion included the instalment of threat prevention software, allowing the company to protect against both known and unknown threats, and analyse encrypted traffic.
With this said, the recent flurry of cyber attacks has shown the need for the federal government to intervene and establish legislature that supports both the private and public sectors in their fight against cyber crime and ransomware.
Given that the ACSC receives an average of 164 cyber crime reports per day, it is clear that threats are prevalent and more needs to be done. World-leading policies, as well as innovation driven by our technology and security sectors, will ensure Australia is ready to tackle whatever digital threat comes its way.
Bruce Bennie is the vice president and general manager, Australia and New Zealand at Juniper Networks.