Security incidents going unreported: CERT Australia
- 18 February, 2013 12:46
Computer Emergency Response Team (CERT) Australia has called for more Australian organisations to report cyber security issues to the police following the results of its annual survey.
The Cyber Crime and Security Survey 2012 received responses about cyber security preparedness from 255 companies, which partner with CERT Australia. According to the survey, 44 per cent of respondents did not report cyber security incidents to law enforcement agencies such as the Australian Federal Police (AFP).
When asked why they had chosen not to file a report, 74 per cent stated that they did not think the incident warranted investigation.
In addition, 35 per cent of respondents wrote that they did not believe law enforcement agencies had the capability to conduct an investigation while another 26 per cent believed the cyber criminal would never get caught.
Of the companies who did report one or more incidents, 44 per cent were filed with a law enforcement agency while 29 per cent contacted CERT.
“Out of those respondents who did report a cyber security incident to law enforcement, 33 per cent stated that it was their understanding the incident was not investigated and 29 per cent stated they did not know the outcome from the referral, while 8 per cent of matters referred to law enforcement were reported to have resulted in a person being charged,” the survey said.
“These findings highlight that the CERT needs to articulate to business the benefits of reporting cyber security incidents to CERT Australia and to law enforcement, and that all information provided to the CERT is held in the strictest confidence.”
Turning to the type of cyber security incidents companies experienced, theft of a notebook, tablet or mobile device was the most common security issue with 32 per cent reporting that this occurred.
Viruses or worm infections were experienced by 28 per cent of respondents while Trojans/rootkit malware affected 21 per cent of businesses.
Unauthorised access and breach of confidential information were reported by 18 and 17 per cent of respondents. In addition, 16 per cent of companies experienced denial-of-service attacks.
Of the respondents who knew they had suffered an electronic attack, 71 per cent reported they had been subject to between one and five external attacks, whilst 44 per cent reported they had been subject to one or more internal attacks.
Turning to the computer security technologies used by organisations, more than 90 per cent of respondents indicated that they use antivirus software, spam filters, and firewalls.
In addition, more than 80 per cent said that they use access control and virtual private networks (VPNs) while 60 per cent use intrusion detection systems (IDS).
Almost half of respondents had deployed reusable passwords and multifactor authentication technologies such as biometrics, smartcards and tokens.
The survey also found that basic security policies are being applied by the majority of surveyed organisations. For example, 84 per cent deploy user access management while 73 per cent have external network access control.
However, CERT Australia reported that there are still areas for improvement. Less than half of respondents had plans in place for the management of removable computer media, such as USB sticks, and less than 25 per cent had policies and procedures in place for using cryptographic controls.
Only 12 per cent of respondents reported having a forensic plan in place. According to CERT Australia, these plans help monitor use of the ICT systems, provide mechanisms to recover lost data, and provide ways to protect information on systems.
While there were still areas for improvement with security policies, the survey did find that 52 per cent of respondents had increased their IT security expenditure in the previous 12 months.
“While it is unknown where this expenditure was directed within an organisation, it is a positive step demonstrating the need for continual investment in information security,” read the report.
Forty-two per cent had not increased their spending and 6 per cent did not know if their spending had increased or decreased.
About 11 industry sectors took part in the CERT Australia survey, with the greatest representation coming from energy (17 per cent), defence industry (15 per cent), communications (12 per cent), banking and finance (9 per cent).
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Ruggedized scientific calculator perfect for extreme math
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
CIOs to Become In-House Brokers -- and That's a Good Thing
The future of computing
Rebranded Quadmark revamps its IT solutions with Google Apps
The Singapore office was using Exchange as its email server but encountered various issues such as storage capacity limitations and difficulty in managing spam. Adding new users to the server was also a hassle that often required a third party vendor, resulting in a waste of time and resources. Quadmark also experienced email performance issues that slowed down their employees’ response time, leading to frustration among staff and clients. Quadmark’s management felt that it was unacceptable to continue it’s current solution and thus decided to streamline its IT infrastructure alongside its rebranding plans. The business wanted a unified and consolidated email service for its various offices. Quadmark also wanted to be able to house files and documents on the cloud.
All Flash and Databases - Storage Switzerland
This webcast explores how All-Flash enterprise storage compares to traditional disk-centric arrays. Learn how to best leverage Flash so databases thrive and limitations of I/O disappear, while exploring the pitfalls and peculiarities of Flash, and how to optimise its performance as a storage solution to ensure reliance, predictability and cost savings for a variety of enterprise workloads.
The F5 DDoS Protection Reference Architecture part 3 of 3
This whitepaper is the third in a three-part series on distributed denial of service attacks (DDoS) and multi-tier DDoS protection. This section refers to case studies of different approaches to deploying protection architecture, including an enterprise customer scenario, an FSI customer scenario and an SMB customer scenario. The paper explains how these options should provide the flexibility and needed to combat the modern DDoS threat.