Cyber espionage threats against Australia rise: ASIO
- 11 October, 2012 09:17
Cyber terrorism and espionage have been highlighted as growing threats to Australian organisations and government departments, according to a new annual report by the Australian Security Intelligence Organisation (ASIO).
The Annual Report 2011-12, which was tabled in the federal parliament this week, found that ASIO completed more than 150,000 counter terrorism security assessments during the reporting period.
“Emerging technology and an Internet-connected world offer new avenues of espionage,” read the report.
In-depth: Information security 2011 Research Report.
“The espionage threat is evidence by foreign intelligence services seeking agents in relevant positions, including in the Australian public service and working for Australian businesses, but also seeking access to any computer system or network holding data that could be targeted for espionage activity.”
According to the report, cyber espionage state and non-state actors continued to target Australian organisations.
ASIO pointed out that critical infrastructure, such as SCADA networks, is one area organisations need to focus on protecting in Australia.
“Critical infrastructure by its very nature poses a potential target for those who wish to do harm to Australia and so careful consideration must be given to matters having an impact on the security of critical infrastructure,” read the report.
“No single element of critical infrastructure stands alone and the potential for threats against auxiliary assets must also be considered.”
Over the 2011-12 period, ASIO provided 25 briefing sessions on potential or specific threats to critical infrastructure and produced 22 reports. These were sent to more than 153 government and private sector organisations.
Turning to terrorism, ASIO reported that international influences through the Internet will continue to inspire some Australians to potentially join terrorism groups such as al-Qa’ida.
“Over the 12 months, al-Qa’ida and its affiliates have suffered a number of setbacks including the loss of senior figures such as Anwar al-Aulaqi, in Yemen,” read the report.
“The continuing counter-terrorism efforts of Australia’s partners in South-East Asia are also having an effect on regional extremist networks, although terrorist threats persist.”
However, ASIO conceded that these setbacks have not lessened the extent of what the report referred to as “violent jihadist” groups to promote, foster and engage in terrorism.
“The global tempo of terrorist activities, including attacks, attempted attacks, plotting, fundraising and recruitment, remains undiminished.”
The report went on to highlight ASIO’s connection with the Australian arm of the Council of Registered Ethical Security Testers (CREST) which was established in March 2012.
“CREST Australia is the product of co-ordinated engagement with industry involving ASIO, CERT Australia and the Defence Signals Directorate [DSD] and will have an important role in establishing clear and agreed standards for cyber-security testing.”
According to the report, the CREST standards will help the business sector be confident that the work conducted by CREST-accredited IT security professionals is completed with integrity, accountability and to agreed international standards. In addition, CREST Australia is affiliated with CREST Great Britain.
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Seeing the Forest for the Trees - A Systematic Approach to Application Performance Monitoring
- Unlock the value of virtualisation with the IBM SmartCloud Foundation
- Transforming Virtualised Infrastructure: The Key to Enabling Mission-critical Databases and Applications
- Migrate From Solaris with Confidence
- Open Clouds Under your Control
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Integrated Computing Platforms: Infrastructure Builds for Tomorrow’s Data Centre
Integrated Computing Platforms, such as EMC VSPEX RAs, provide a solution by eliminating the time (and cost) of designing, testing, and engineering integrated environments with components built independently of one another. These validated architectures are ready for production environments upon delivery, and offer a single point of support should IT require it. Learn more on how a leading IT vendor has aligned product innovation with an IT market need to improve efficiency, performance, and value for SMBs.
The Foundation for Cloud Management
For businesses looking to provide real-time business solutions to employees and customers alike, you need to have a comprehensive network management strategy. The network is the foundation of all successful cloud services; it must be robust to meet traffic, efficiency, and performance demands. Download today the four steps to get your network operations cloud-ready.
Choice and Control – Considerations for Developing Enterprise Cloud Strategies
Enterprise-wide cloud implementation can be a challenging process, requiring a thoughtful, strategic approach. In this whitepaper, IBM® shares considerations for developing enterprise cloud strategies. It looks into how the rapid-scale enterprise-class environment can help enable the type of agile infrastructure that aids organisations in quickly meeting the demands of an ever-evolving marketplace, thereby providing true business value. Read now.