Cyberattacks on the rise in ANZ
There is no respite from cyberattacks. Almost two-thirds (62%) of New Zealand and Australian IT professionals responding to a joint ISACA and HCL Technologies survey expect a cyberattack in the next 12 months. That grim outlook is based on experience: 41% of respondents reporting an increase in cyberattacks in the past year, the six most frequent attacks being:
- Social engineering (13%)
- Advanced persistent threats (12%)
- Denial of service (11%)
- Third parties (10%)
- Unpatched systems (9%)
- Insufficient logging and monitoring (9%)
The global pandemic has, according to ISACA CEO David Samuelson, been the perfect breeding ground for cybercrime. Organisations are responding by improving their defences with half of respondents either adopting a secure access service edge (SASE) model or a zero trust architecture security strategy. Meanwhile AI is fully operational in a third of the security operations of survey respondents. As a result of these and other measures, over two-thirds of IT respondents are confident in their ability to detect and respond to cyberthreats.
The message to be vigilant is also getting through at the top, with 81% of respondents indicating that their executive leaders “see value in conducting cyber risk assessments.” And really you do have to wonder what CEOs in the other 19% of companies are thinking. Samuelson is probably (for most of us) stating the obvious when he comments:
With the increase in the number and rate of cyberattacks worldwide, cybersecurity professionals are facing a challenging threat landscape that requires constant vigilance. These survey findings illustrate just how essential it continues to be for the global cybersecurity community to actively keep up to date with best practices and training, and ensure their teams are well staffed to detect and respond to attacks.
NZ condemns state-sponsored cyberattacks
By now we’re all aware that it is possible to buy a cyberattack on the web. Even school kids know how to do it, according to Network for Learning, which describe it as the modern equivalent to ringing the fire alarm when there is no emergency. Unfortunately, the cyberattacks organisations have suffered in the past year aren’t child’s play.
When the Minister for Government Communications Security Bureau (GCSB) Andrew Little condemned “Chinese state-sponsored actors” as being involved in exploiting Microsoft Exchange vulnerabilities in New Zealand in 2021, it was a public declaration that geopolitics is very much part of the scene—and IT professionals had better be paying attention.
Paul Buchanan, director of 36th Parallel and a former intelligence and defence policy analyst to the US government who is a New Zealand citizen and public commentator on state security issues here, had plenty to say about Little’s public statement in an Evening Report podcast this week.
Buchanan says that New Zealand was standing with its partners in the Five Eyes alliance, along with other Western democracies, when Little’s statement was issued. He also reports the minister’s comments were followed up by Head of the GCSB Andrew Hampton, who says there have been 250 cyberattacks on New Zealand targets during the past year, and 80% of these are from the Chinese.
Buchanan called the Chinese response to these claims “muted”, which to him is revealing and suggests that the Chinese leadership realised it had gone too far. Buchanan says that the Chinese, like the Russians, often work with criminal organisations to share cyberhacking technology. The Chinese have tended to focus on specific targets—military, diplomatic, economic—but the Microsoft vulnerability was something else. “It was very irresponsible, and it was unprofessional because they were easily traced,” Buchanan says.
His analogy is that of a jewellery thief who breaks into a shopping mall to steal expensive items in the jewellery store and on the way out gives the keys to the mall to the mob, who then proceed to ransack every store.
Government agencies working with criminals is a fraught alliance because the latter are, well, crims. But in Russia and China these agencies don’t have a choice, Buchanan says, because their governments need access to the latest tech, and the crims often have it. In the Western world, Buchanan says government agencies turn to private companies such as Palantir Technologies, which he describes as public-private company owned by the CIA’s venture capital wing and tech entrepreneur (and New Zealand citizen) Peter Thiel.
By the way, Buchanan points the blame for the Waikato District Health Board cyberattack at the Russians.
An IT take on the gender-reveal party
Vendor selection for multiyear digital transformation programmes is not to be taken lightly. The decision will stay with the organisation for many years, possibly decades. It really is a big deal, and the selection process usually involves multiple stakeholders.
So, when Mitre 10, which are embarking on a major refresh of their tech stack as part of a five-year transformation, shared their vendor pick with their team, they threw a party. It was their take on the modern “gender reveal” party, when the soon-to-be parents learn at the same time as their friends the gender of their yet-to-be-born child. This is usually done in a fun way, such as a layer of pink or blue icing hidden in a cake. In the case of Mitre 10, they held a party for the 80 staff who’d assisted them and shared the news by releasing balloons in the shape of three letters: SAP.