As we said before, they hack an attorney, because the attorney has a VPN to one of the mining companies, and the nation state wants to know about that mining company, before they go to a billion dollar spot price with a tonne of ore or whatever it might be and we know that those are real scenarios that happen.
I don’t think there’s anybody safe anymore. Depending on the hackers, and there’s also a scale of hackers, that would be operating at a very low level, $30,000 is a lot of money. Others operate at a much larger level.
Sean It’s also the ransomware market. It doesn’t have to be hundreds of thousands of dollars, and that’s a fast growing trend sector.
CRN There’s some school in Queensland that got ransomware attacked and it cost them eight thousand dollars. For all we know that could have been a six year old child or something.
Sean This is the outbreak from outside, warning you have some threat to deal with, ‘please pay us some money and we’ll fix it for you’. Ransom ware has now become that. It’s far more direct, and it says ‘screw you, give us some money’. There’s some few Windows scammers who try to convince you you’re under threat from some legal entity, and Western Union is the way we always pay fines in Australia. But the ransom ware I agree with Craig has become very much the warhead of choice for targeting individuals, and small organisations, because these are really vulnerable because they don’t block everything, they don’t encrypt, so it doesn’t take a long time. It takes Word Files, take Excel Files, take images, take the common things that most people will be using and hold them ransom.
Aviv I find it quite amazing. I recall reading research a couple of years ago from HB Garry that became famous or infamous in their own right for a different reason. They’ve actually published research that they claimed the organised crime is making more money today from computer fraud than actually from drug trafficking. So that will give you an idea that when it’s financially motivated, where it’s all coming from.
We know it’s definitely an entire economy full of bad guys. There are ‘bot herders’ that sell bots to other attackers, be it spammers or spam for an organisation, organised crime or legitimate whatever it is that has other motivation behind it. They will sell services, you can buy some services online and there are tools online (with support contracts). It is generally things like a three month contract, but if our malware is detected, we’ll give you some new ones.
Sanjay We talk about the bad guys a lot, but if you look at the people buying Malware, sometimes they’re people we consider to be good guys, like large governments, who are actually just trying to attack other governments. So if you track some of the major attacks and go back to the people who bought malware, and you might be shocked who those purchasers were.
The other interesting thing is that we all know that we need more user awareness training, and we need to classify our data, but the opportunity to do that correctly may have closed. So five or ten years ago, the security officer might go to the CIO and say ‘you know what, we need to take a six month hiatus here, from pushing more aggressively and let’s get our security controls under control’. If you try to take that type of hiatus now, all your apps are going to be in Amazon the next day, because shadow IT is massive. So those windows are closing very rapidly and there’s no opportunity to do it in any comprehensive way, you have to do everything at the speed of business now and that speed is very, very fast.
CRN With this ransomware, does anybody understand why there was such a spate of attacks in Queensland recently.
Sean I suspect some of that goes down to the fact just that it was reported. Qld Police has done a great job in involving the community and actually trying to raise general awareness. Qld police have gone further to try to create an environment where people are aware of the threats which are facing them. It may also be that there are a lot more people retired in Qld who aren’t terribly secure.