SYDNEY – Here’s perhaps the most disturbing thing about this week’s disclosure (CDN yesterday) that the Reserve Bank of Australia’s network has been hacked not once but twice: the hacks – which happened almost two years ago – had never been reported publicly by the bank.
That has certainly been noted by Trend Micro’s strategic markets VP Blake Sutherland, who has been visiting Australia and, with A/NZ MD Sanjay Mehta, yesterday briefed the Aussie IT media on this and other disturbing trends in the growth of APTs – security lingo for “advanced persistent threats”, or targeted attacks.
While APTs are often in the news, some 99 percent go unreported, Sutherland told the reptiles of the press.
Most American states have now followed the lead of California in making such disclosures of hacking attempts mandatory, Sutherland said. But no such system has yet been introduced in Australia, despite some discussions within government.
And don’t hold your breath waiting for one to arrive. James Turner, an analyst with IBRS who is specialising in this area and working on a white paper on cybercrime Down Under, told yesterday’s gathering that it’s highly unlikely a disclosure system will be introduced in this election year, and could be as much as two years away.
Meanwhile Blake Sutherland told yesterday’s gathering that malware operators are growing more sophisticated and increasingly using social engineering to establish beachheads within business networks, which they use to gather information about the organisation and its individuals.
A smart protection strategy is essential for businesses and government agencies, he said – and Trend Micro has just the thing: its new “Custom Defence” system, which is said to not only detect and analyse APTs, but also to rapidly respond with force.
Major features are “Deep Discovery”, a threat detection and analysis platform claimed to detect zero-day malware, malicious communications and attacker behaviours that are invisible to standard security defences; and the use of multiple customer-defined “sandboxes”, in which the suspect code can be safely observed and hopefully neutralised.