Prime minister Scott Morrison on Thursday condemned the “pattern of malicious cyber activity” originating from Russia which have targeted business, media and political institutions around the world.
Morrison’s remarks come shortly after the United Kingdom’s intelligence agencies pointed the finger at Russia for frequent cyber attacks. Russia is responsible for some of the most infamous hacks of the 21st century, including the World Anti-Doping Agency, and the 2016 hacking and subsequent release of US Democratic Party National Committee emails.
“The online environment is not the wild west.” PM Morrison said.
Morrison conceded that although Australia was yet to be “significantly impacted, this activity affected the ability of the public in other parts of the world to go about their daily lives. It caused significant, indiscriminate harm to civilian infrastructure and resulted in millions of dollars in economic damage, including in Russia."
The prime minister was briefed by the UK’s National Cyber Security Centre (NCSC) who detailed their findings on Russia’s military intelligence arm, the GRU. Morrison says the cyber attacks launched by the GRU “caused significant, indiscriminate harm to civilian infrastructure and resulted in millions of dollars in economic damage, including in Russia.”
Fergus Hanson, a cyber-security expert for the Australian Strategic Policy Institute, cited by a Financial Review article explains that Russia isn’t too concerned by possible international outcry if their cyber-attacks are found out. “They do lots of stuff where they don’t worry about getting caught or causing collateral damage.” He said.
Morrison continued his attack on the GRU by stating that through their “pattern of malicious cyber behavior, Russia has shown a total disregard for the agreements it helped to negotiate.”
British Foreign Secretary Jeremy Hunt said: “The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in our countries… our message is clear- together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”
With these three statements, two of which are from high-ranking government officials, we can see a clear trend that cyber attacks and online security are no longer a science-fiction pipedream; they’re real, and they’re having disastrous real-world implications. According to a report cited by Forbes magazine, it’s estimated that cyber-crime will cost the world’s economy $6-trillion per year by 2021.
Nick Eubanks, author of that Forbes report says: “But more concerning than the [$6-trillion] number itself is what it means for modern business. Everywhere, companies are upping their cybersecurity budgets in an attempt to lower the catastrophic costs of a potential data breach.”
What’s left unsaid here is that while the immediate cost of a data breach can reach well into the millions, there are far more serious implications for you and your business if you are targeted. There’s the need to completely revamp your systems, something that will cost both money, and time. Far more importantly though is the breach of trust with your customers; who you’ve all but certainly lost. There’s also the stigma that will surround your business in the aftermath of the attack; you’ll always be the company that got hacked and lost everyone’s credit card details or home address.
It’s hard, bordering on impossible to recover from a serious cyber attack.
Now, for all those people sitting there thinking it’s a bit far-fetched of us to suggest you could be targeted by Russian hackers, we say don’t be too complacent. With cyber-security, complacency is akin to sticking your head in the sand with a rising tide, and in this day and age its almost a mathematical certainty that at one point in your life you’ll have a run-in with a malicious piece of software looking to steal your passwords, or directly from a phishing hacker.
Governments, multi-billion dollar conglomerates and the like have been investing heavily into their cyber-security measures, particularly in the light of several prominent hacks to companies like Facebook, Yahoo, Target, eBay, Adobe, Sony Pictures and JP Morgan Chase. Analysts often call it the most important hidden war currently being fought today, and it extends all the way from the commercial sector to high level geo-political wars being fought between sovereign nation states. Australia last year brought its funding into cyber security to just below $100-million.
Due to, in large part, these high-level attacks, governments have been one of the first to embrace this paradigm shift. No longer are these a thing of the future- they’ve been around for years now, and their impact is clear.
Equipping your business with a system like ISO’s 27001: Information Security Certification is a step you’ll need to take, if online security isn’t already one of your top priorities. It is a system rooted in the belief that there’s no such thing as obtainable perfection in the cyber realm, and will ask you to update your procedures regularly to keep up with the high-pace of the cyber world.
For some, it might seem like an extra expense, or extra work, but to others – particularly those that can see where world events are taking us - it will seem like the only reasonable action to make.
Get in touch with us to see how ISO 27001 can benefit your business, or check out our video below.