INDEPENDENT NEWS

NZ gets a 'CERT' - What are the big cybersecurity threats?

Published: Tue 11 Apr 2017 05:18 PM
NZ gets a 'CERT' - What are the
big cybersecurity threats?
11 April 2017
The Government today launched CERT NZ, a cyber security unit that will track cyber attacks and offer information for internet users and businesses about online threats.
CERT NZ, which has been funded to the tune of $22.2 million over four years, will include an 0800 number and online reporting tools for logging suspected or actual cyber security incidents and will create threat advisories for IT professionals and businesses in conjunction with other CERT units around the world.
So what are the threats that CERT NZ will be increasingly trying to protect New Zealand internet users from? Recently we asked some of the country's leading cybersecurity experts to identify the big immediate and emerging threats.
Please feel free to use the comments from this Expert Q in your reporting.This is an abridged version - you can access the full version on our website.
- Dr Ryan Ko, University of Waikato
- Professor Hossein Sarrafzadeh, Unitec
- Dr Henry (Hank) Wolfe, University of Otago
- Dr Ian Welch, Victoria University of Wellington
Dr Ryan Ko, Head of Cyber Security Lab, University of Waikato:
Contact: ryan@waikato.ac.nz, +64 22 320 2761
Over the last year, what big episodes have we seen in cybersecurity globally that point to the most significant emerging threats?
“The Mirai botnet attack was probably the most devastating cybersecurity attack in recent times. It was not only the largest distributed denial of service (DDoS), disrupting major ISPs and companies worldwide, it also brought to light the dangers of insecure, vulnerable Internet of Things devices.”
What are the biggest threats cyber attacks pose to critical infrastructure in New Zealand?
“The biggest threats are probably the inability to respond quickly and effectively to attacks on the critical infrastructure in New Zealand. The recent establishment of the New Zealand Computer Emergency Response Team (CERT) is a step in the right direction but more capabilities, in terms of tools and awareness, are needed for all public and private stakeholders – big and small. This will allow them to be able to respond and get back to business quickly.”
Just about everyone is now connected to the internet via a laptop or smartphone - what are the biggest threats we face as individual internet users? (eg. apps, unsecured wifi, use of e-commerce)
"There are two big threats facing individuals now. The first are ransomware (e.g. TorrentLocker, variants of CryptoLocker, Locky, etc) which will encrypt the information of a user to make the computer or laptop unusable, and only unlock the information when the criminals receive the ransom payment (usually in the form of bitcoins).
"The second threat we face as individual users are the human-nature related threats, which we call 'social engineering'. With the promise of free wifi, or an email which provides some alarming information, an unknowing or trusting user will click on a malicious link which will result in a download and sometimes, execution of malicious software which will take over the computing device."
Are New Zealand businesses doing enough to combat cybersecurity threats?
"At the moment, New Zealand businesses are not doing enough to combat cybersecurity threats. It is encouraging to see organisations such as NetSafe, NCPO, InternetNZ, Office of the Privacy Commissioner, and the Institute of Directors roll out awareness campaigns relating to these. Yet we are still at a stage where some IT professionals will have graduated through traditional computer science or ICT training that did not contain security design or security-minded curricula.
"Small and medium enterprises form 97 per cent of New Zealand's economy but most of them are not well aware or equipped to respond to such threats. In 2014 I conducted a survey together with market research company Colmar Brunton for Vodafone, called 'Cyber Security NZ SME Landscape'. It found that while companies with defined IT security policies are confident in their understanding of potential cyber threats, as many as two in ten do not have guidelines on what to do if their company was attacked by a hacker or a serious malware.?
Professor Hossein Sarrafzadeh, professor of computer science, director of the Centre of Computational Intelligence for Cyber Security, Unitec:
Contact: hsarrafzadeh@unitec.ac.nz, +64 21 303 044
Over the last year, what big episodes have we seen in cybersecurity globally that point to the most significant emerging threats?
"As recently as October there was a series of distributed denial of service attacks that targeted a major Domain Name System (DNS) services provider (Dyn). This resulted in widespread disruption, preventing users from accessing major websites such as Twitter, Spotify and PayPal. This attack was the result of a large number of insecure internet connected devices, also known as the internet of things (IoT). These devices were controlled by hackers and used to act as cannons to direct a large amount of bogus internet traffic and cause disruption.
"We are seeing a rapid growth in the sale and distribution of IoT devices that are not properly secured. As more objects become connected to the internet the opportunity for attacks increases. Here in New Zealand, we are seeing a rise in ransomware attacks and whaling attacks. Ransomware attacks are mainly targeting the health sector.
"Another emerging threat is interference with political and financial systems. Recent attacks on SWIFT are very worrying and could seriously threaten our financial systems. In the last month alone, we have seen Tesco bank have 2.5 million pounds stolen from 9000 of its customers, coordinated cyber-attacks in the UK and Germany that left more than 1 million people without internet access. This has potentially large geopolitical implications."
Are New Zealand businesses doing enough to combat cybersecurity threats?
"This is an ongoing and evolving threat and so there will always be opportunities for improvement. Many larger organisations have a dedicated cyber security team that raise awareness within the company, develop their security architecture and monitor their network for suspicious activity. Many organisations also share threat intelligence information to keep each other updated with cyber threats in real time.
"The challenge, however, sits with small to medium businesses who may not have the individual expertise within their teams or the budget to effectively deal with cyber threats. Not only may they lack the resources, but also they may lack security technologies such as Security Information and Event Management (SIEM) softwares, which are prohibitively expensive for most organisations. For these reasons, they are increasingly becoming targets for cyber terrorism.
"New Zealand is a country made up of mostly small to medium businesses and so it is critical for our country as a whole that we do more to support these businesses Simple things like employee training, maintenance of anti-virus software and health checks of a business’ systems will decrease their risk of being attacked."
Dr Henry (Hank) B. Wolfe, Associate Professor, Information Science, University of Otago:
Contact: hank.wolfe@otago.ac.nz, +64 3 479 8141
Just about everyone is now connected to the internet via a laptop or smartphone - what are the biggest threats we face as individual internet users? (eg. apps, unsecured wifi, use of e-commerce)
"In my humble opinion, the cell phone presents the most ubiquitous threat to everyday computer usage. In four of the main bus routes in Dunedin, we have identified 7,499 unique Wi/Fi sites. People, as a matter of routine, connect to whatever Wi/Fi site is available wherever they are and perform private actions without any concern as to why they are receiving this service, essentially free.
"In this life, if there is one given, that has to be that nothing is free. The cost of providing the Wi/Fi service must be born by someone or some organisation. Why would they provide that service to the public without receiving something for it?
"How many of these 7,499 sites are observing the user’s activity and recording it for some unknown purpose? That purpose could be selling the information or making use of the information captured for some illegal purpose. There are no real safeguards."
Looking out to 2020, what are the biggest emerging cybersecurity threats that you see?
"More and more exploits are being developed for cell phones because this is an information-rich environment without much in the way of protection. There are 7.3 billion active mobile accounts now and that number is growing. The providers and developers spend an inordinate amount of time making their products so convenient that they become indispensable.
"They seem to spend very little time trying to secure the environment. The cell phone is the most ubiquitous surveillance device ever conceived by man. There may come a time, if we allow it, where everyone MUST have a cell phone in order just to live. That would be sad."
Generally, who are these cyber attackers, and how has the nature of cyber attacks changed in the last decade?
"The bad guys have figured out that going to a bank with a gun nets them $7,500 and 5-10 years in jail (90 per cent plus chance of getting caught and convicted). Going to the bank via a computer nets an average of $250,000 and has a reduced exposure to being caught.
"Computer crimes, in general, are punished at a much-reduced level as compared to physical crime. Today, everyone wants your data and is willing to pay for it. Privacy is archaic and most young people don’t value it. Therefore, the bad guys want to compromise big data for ransom, resale."
Dr Ian Welch, Associate Professor, School of Engineering and Computer Science, Victoria University of Wellington:
Contact: ian.welch@ecs.vuw.ac.nz, +64 22 084 8265
Just about everyone is now connected to the internet via a laptop or smartphone - what are the biggest threats we face as individual internet users? (eg. apps, unsecured wifi, use of e-commerce).
"Ransomware remains a major threat to individuals. Ransomware is software designed to look benign, that is delivered via email or messenger to victims who are tricked into installing. The software encrypts their files and instructs users to send a ransom in bitcoins.
"Ransomware is very profitable due to the targeted nature of the attack resulting in a high conversion rate of contacts to payback (the emails are more sophisticated than the Nigerian prince type scams) and the fact that it pushes the costs of collecting the money onto the victim.
"Ransomware takes advantage of two things: (1) technical -- operating systems that provide too many privileges that can be exploited (compounded by home users often using the administrator user as their main profile); (2) social -- people find it hard to evaluate what is and isn’t a genuine request in the absence of training, and also attackers exploit natural cooperative behaviours that have served us well in the past but don’t always work so well in the cyber world."
What promising research are you seeing that points the way forward to more effective cybersecurity protection?
"Data mining and artificial intelligence (AI) is still a big help in the fight against new threats, in particular transfer learning that allows AI systems to transfer previous learnings to new domains. Very important in a world where attackers change their methods day by day.
"Technologies such as software defined networking; building systems that dynamically reconfigure the network in the face of threats. Similar systems do exist (CISCO for example) but these are quite inflexible and require you to use the one vendor everywhere. We want open and transparent solutions."
Science Media Centre
Our aim is to promote accurate, evidence-based reporting on science and technology by helping the media work more closely with the scientific community.
The Science Media Centre is New Zealand's only trusted, independent source of information for the media on all issues related to science. Thousands of news stories providing context from and quoting New Zealand researchers have been published as a direct result of our work.
Contact science media center
Website:
Mobile:
Twitter:
YouTube:
Phone:
Facebook:
Email:
Postal Address:
PO Box 598, Wellington 6140

Next in Business, Science, and Tech

General Practices Begin Issuing Clause 14 Notices In Relation To The NZNO Primary Practice Pay Equity Claim
By: Genpro
Global Screen Industry Unites For Streaming Platform Regulation And Intellectual Property Protections
By: SPADA
View as: DESKTOP | MOBILE © Scoop Media