24 Aug
How Much Should You Be Spending on Cyber Security?
Following the cyber-attack on the Australian broadcaster Nine in late March 2021, the Australian Broadcasting Corporation has reported doubling its spending on operational security, bringing the total spending to $1 million.
Nine’s Cyber-Attack
The cyber-attack on Nine at the start of 2021 was the largest cyber-attack on a media company in Australian history to date. It caused the network’s news production systems to stop for over 24 hours.
From emails to editing systems, this “sophisticated and calculated attack” disrupted how the network delivered and presented its news. The attack took place at Nine’s Sydney headquarters, leaving their systems inaccessible.
How did this happen? Cyber-attacks like these often begin with a simple phishing attack. This typically involves emails that replicate the look of legitimate emails from known sources, such as a supplier requesting payment of an invoice via a payment link. Sometimes these spoofed emails can even appear to be sent from colleagues using the same company domain.
These phishing emails vary in sophistication, but the end goal is to encourage individuals to click on a link. Once a user clicks on the link, this often launches ransomware, which encrypts and locks important files and can go as far as encrypting entire systems. Whilst these attacks are usually carried out for financial reasons, in the case of Nine no ransom was demanded.
Who is to blame for the attack on Nine? The current theory is that a foreign state actor is responsible for the attack and that it could have been deployed as a penetration exercise.
Following an attack like this (or any phishing or breach attempt), it is essential to address exactly what happened. As soon as the attack was identified, staff were instructed to keep their devices off to help prevent the further spread of ransomware to other devices on the network. The next step was to identify the specific vulnerabilities that were exploited, in order to prevent future attacks. Any lost or corrupted data was likely restored from physical backups.
After everything is restored, it is essential to conduct a forensic examination to ensure that everything that can be learned from an attack is discovered and rectified.
What can we learn from this?
This is another reminder that ransomware attacks like this can happen to anyone. In 2020 there were over 60,000 cybercrimes reported in Australia alone. The biggest lesson we can learn is that cyber security is nothing less than an essential part of life today. Investing in cyber security will help protect you from malicious attacks and has the potential to save you thousands if not millions by preventing a future attack.