Blog

Last week the Australian government released its first Cyber Incident Management Arrangements report. Just days earlier, the TOLA anti-encryption act passed both houses of Parliament, despite strong public and tech industry opposition. What’s the key takeaway? Understanding your personal and corporate cyber security risks is more important than ever.

First, let’s look at why the TOLA Act (Telecommunications and Other Legislation Amendment) is so unpopular. Its goals are laudable – certainly catching child abusers and stopping terrorist threats are important to the country’s physical security. Perhaps the risk of opening an encryption back-door is a price worth paying, and the government has offered explanations to “myth-bust” (LINKS TO: https://asd.gov.au/speeches/20181212-tola-act-statement.htm ) this new legislation.

The bottom line, however, is that opening a back door to data encryption not only allows government agencies access, it potentially allows hackers access to operating systems. Like most cyber threats, the question is not if a breach will occur because of this new policy, but when. Let’s look back at the WannaCry ransomware attack. The vulnerability that allowed WannaCry access was discovered by the U.S. National Security Agency, but was not reported to anyone in private sector information security. Instead, they developed code to exploit the vulnerability, and that code was stolen by a hacking group.

This brings us to CIMA (Cyber Incident Management Arrangements). This report outlines how to coordinate government responses in case of a national cyber incident. Each governmental entity is developing specific protocol for incident management. A national cyber incident is defined as one that “significantly impacts… multiple Australian jurisdictions.” This could include malicious activity, a large-scale information breach, or the compromise of the system of a major public or private organisation that operates across multiple jurisdictions.

CIMA includes specific information about how a national cyber incident would be declared and designates the National Cyber Security Committee as the body to manage response efforts. The responsibilities of various levels of government are also outlined.

One of CIMA’s principles is shared responsibility, which “extends to business and the community, including small, medium, and large businesses, which are responsible for maintaining their own cyber security.”

If you are not certain about your personal or business cyber security, it’s time to learn more about My Personal Helpdesk. We offer a number of flexible membership levels, along with concierge computer services. If you want to secure your business operations, just get in touch and we’ll consult with you to give you the 24/7 coverage you need.

Last month a massive worldwide data breach was revealed – Starwood-Marriott hotels exposed half a billion data-rich records in one of the largest incidents ever, in any industry.

While this may be the largest hospitality breach, it is certainly not the first. Let’s review the past several years:

• March 2015: Mandarin Oriental Hotel Group confirms its hotel database has been breached.
• October 2015: The Trump Hotel Collection admitted to a year-long credit card system breach – one that had been suspected and reported on by outside security experts, but took several months for the company to acknowledge.
• November 2015: In what was perhaps an episode of foreshadowing, Starwood announced the discovery of credit-card stealing malware on point-of-sale cash registers in a number of its North American properties.
• December 2015: Hyatt acknowledges that since August cyber thieves had been stealing credit card information from 250 properties in approximately 50 countries.
• April 2016: Trump Hotels discloses another credit card system breach.
• July 2016: Kimpton Hotels begins an investigation into a possible system breach; two months later Kimpton acknowledges that data was stolen in the first six months of the year.
• February 2017: InterContinental confirms a breach at 12 properties; two months later, it discloses that more than 1,000 properties may have been compromised through malware on POS machines on site.
• July 2017: A third Trump Hotels breach is announced, this one tied to a significant payment and customer breach at the massive travel industry data services provider Sabre Corp.
• October 2017: Hyatt announces a second breach in less than two years, this time at more than 40 properties across 11 countries.

And now, the Starwood-Marriott breach – precipitated by the challenging merger of the two already-giant hotel chains after Marriott purchased Starwood for more than US$13bn. And just days after the merger was announced, Starwood disclosed a security breach that had been going on since 2014. This was different from their 2015 breach that involved POS credit-card stealing malware; this 4+ year cyber breach allowed unauthorized access into its reservation system.

What can you, as a consumer or business owner learn from this? First, that cyber breaches are often not readily apparent – your data may have been stolen years ago. And that cyber breaches are not always of systems you may consider threatening. Your hotel loyalty program, for example, may not be of high concern, but when it is tied in to reservation systems that also manage credit card data, the danger is much more apparent.

Keep a close watch on all of your credit card data – for yourself and any employees who might carry your corporate card. Make sure passwords, especially for any program that might include or expose credit card data (this would include virtually any retail or hospitality loyalty program), are changed frequently.

And, get protection on your personal devices and company systems. Blutone Technologies’ My Personal Helpdesk system is a flexible concierge service that watches your devices 24/7, giving you peace of mind and a much quicker notification than you will ever get from a large corporation breach that may not be discovered for months or years. Get in touch for more information.

The latest cyber security concerns span the personal and corporate worlds. Here are five we wanted to bring to your attention:

1. Be on the lookout for Spotify phishing emails. The purpose is to lure Spotify users into giving up their user credentials, which can then be sold or used to hijack users’ other, more profitable accounts – like online banking. This particular attacker has set up a convincing replica of the Spotify login – so be sure you check the actual URL before falling into this trap.
2. Fake apps – check out this recent article about 13 malware-laden fake apps on Google Play, and be sure to use caution when downloading any apps to any of your devices.
3. Doing any online shopping this holiday season? While deals are great, many of the “best” deals turn into disasters when thrifty shoppers give up their credit card details to fake e-commerce sites. Run a “WHOIS” domain search if you are suspicious, and be wary if the date created is very recent. Fake sites go up and down and up and down, similar to illegitimate telemarketing firms that move from place to place, phone number to phone number. Always shop with a credit card to keep thieves away from your bank account. And https: or a padlock symbol is not a guarantee that your shopping experience is secure or that the online store is not just a front for a scam.
4. Have any expiring domains? If you are using them for anything, have a site that used to be active, or have material in the domain you want to keep – be sure to pay your renewal! Criminals have been snapping up recently expired domains to take advantage of legitimate-sounding domain names and using them for ecommerce stores that steal credit card information. Don’t assuming your domain will still be available if you let it lapse, no matter how specific its name.
5. In a recent security report by StackRox, out of 230 organizations surveyed most are concerned that their cloud-deployments are not secure – and one-third of the respondents haven’t started or have just started creating security strategy plans. The respondents’ noted that misconfigurations and post-deployment security were what troubled them the most – and with more and more cloud computing errors leading to compromised and inappropriately exposed data, their fears seem well-founded. Just remember that, while cloud computing offers great services, the ease of access and breadth of data can sometimes be too easy (and too tempting) for hackers.

If you are concerned about securing your personal data as well as your company systems, Blutone Technologies offers the protection you need. Take a look at My Personal Helpdesk and find the system protection that’s right for you – and if you need anything, just give us a ring.

https://www.blutonetech.com.au/mph