Home Assets & Fleet Cyber-crime-as-a-service adopts modern business models

Cyber-crime-as-a-service adopts modern business models

Cyber-crime-as-a-service adopts modern business models

Welcome to cybercrime-as-a-service, where criminal syndicates follow professional business models, research their markets, and even provide help desks.

Rita Erfurt

Cyber crime in Australia is prolific, overt and constantly evolving, Assistant Director-General of the Australian Signals Directorate (ASD) Rita Erfurt told a technology conference on Tuesday.

“Cybercrime-as-a-service is bringing a new level of actives into the cyber crime environment and making it much easier for people with low tech skills to be part of that ecosystem,” she told the Tech in Gov conference in Canberra on Tuesday.

Unlike state actors, cyber criminals are “loud and proud” and out to make a fast buck, Ms Efurt said.

“They will let you know they are there because they’re financially motivated and after a cashout,” she said.

“While they are illegal, they are following very professional business models, so they’ll research their victims, they’ll prioritise targets, they’ll focus spear-fishing and scams on topical issues.”

Cybercrime-as-a-service is bringing a new level of actives into the cyber crime environment.

Rita Erfurt

The modus operandi of this breed of cyber criminal can involve accessing systems and networks, compromising business emails, extortion, ransomware and blackmail regarding the public release of sensitive data.

“We’re seeing a lot of the double extortion model where a victims network will be encrypted through ransomware and the threat actor has also stolen data and used that as an extra way to get money,” Ms Erfurt said.

“Some will just directly on-sell information for profit without engaging with the victim,  or they’ll use a combination.”

State actors

The other category of cyber “bad guy” includes highly resourced and sophisticated state actors, who pose the greatest threat to national cyber security.

“They want state secrets, intellectual property, they want to know who we are, how we do business, what values we hold,” Ms Erfurt said.

 Over the last six years, cyber attacks in Australia have been variously attributed to state actors including China, Iran,  North Korea and Russia.

“We continue to see compromises reported using relatively simple tools and techniques like spear fishing, exploiting unpatched systems, using public vulnerabilities,” Ms Efurt said.

The deteriorating geopolitical situation, including the war in Ukraine, is also being reflected in cyberspace, she said.

76,000 cyber crimes reported

According to the latest ACSC Cyber Threat Report, there was roughly one cyber crime reported to the Australian Cyber Security Centre (ACSC) every seven minutes, amounting to 76,000 reports over the last year.

The report identified key trends:

  1. Cyberspace is now an established domain of warfare and a tool of statecraft
  2. Australia’s per capita prosperity makes it an attractive target for cyber criminals
  3. Ransomware is the most destructive form of cyber crime
  4. Critical infrastructure networks are being increasingly targeted

“Overall when we talk about the current state of our cyber threat environment we’re saying  that we’re seeing an increase in the scale, the frequency and the complexity of cyber threats and when we look across the entire Austrlaian economy there’s no sector that remains immune,” Ms Erfurt said.

“State actors and cyber criminals continue to pose a significant risk to Australia’s national security and prosperity.”

Data security a leading concern

Ms Erfurt said said data security remained the biggest concern and, according to what’s being reported, data is not being adequately safeguarded.

Analysis of all breaches reported to ACSC over the past year showed 41 per cent involved malicious actors exploiting valid accounts and credentials. Overall, 30 per cent of breaches had an impact on data.

Those figures, Ms Erfurt said, were “quite startling”.

“In 2023 when we’re saying 41 per cent of data breaches involve malicious actors exploiting valid accounts and credentials, that really speaks for itself,” she said.

Other key concerns were related to ICT supply chains, including cloud-as-a-service, which is commonly used by governments for tasks such as asset tracking and HR management.

A related concern involved foreign-controlled supply chains, which meant data stored in the cloud could be subject to foreign laws regarding access.

The best way governments could respond to the increasingly hostile threat environment was to get controls right, refer to the ACSC’s Essential Eight, minimise human error by building a cyber-secure culture and having in place regularly revised and tested incident response plans, Ms Erfurt said.

Like this news?

Leave a Reply

Your email address will not be published.