CRN How close are we to that level of awareness do you think?
Sean Without breachin we don’t know how many companies over this three million size point. We know if we do investigations and consult with particular clients, but who here would know the magnitude of the problem in Australia? If you can’t measure it it doesn’t exist.
Sanjay We find over 90 percent of the networks have malware on them in some shape or form, so it’s hitting everybody. It’s there. Now, if we go back to the role of government, an interesting role it could take is where they’re already spending a lot of money to understand problems to protect themselves, but also then reach out to say ‘here are the types of attacks that are coming towards Australia, and here’s how we recommend that you protect your business’. As opposed to ‘comply comply comply’, you don’t really understand what it means, and you may end up getting more secure by actually flipping that on its head to ensure security research. The US recently announced over the last few months that they’ve selected the organisations that are important to national security and have said ‘if we believe the threat is imminent we will inform you’. So all the small businesses raised their hands and said ‘hey we pay taxes too, why don’t you value me when you value everybody else?’. It’s a legitimate argument, but the theme is the right theme, that we protect our borders and protect our shores and everything else, but why don’t we protect our information assets in that same proactive sense?
CRN Sanjay, you recently stated there had been incidences whereby a certain malware had appeared only in isolated cases in the US yet seemed to spread everywhere in Australia. Could you expand on that for us?
Sanjay Earlier this year there was an outbreak that hit a service provider here in Australia. We reached into our global operations - where we look at about five terabytes of data every day - and said ‘what’s going on?’ and for that particular attack, we’d seen it 2,000 times in Australia over a two or three day period, and 50 times in the US. Was it targeted to some business in Australia? No. Was it targeted at an area of the world that has a preponderance of small and medium businesses, because it’s a soft underbelly? Absolutely.
CRN That’s a very frightening reality for Australian SMBs. The smartest evil hacker minds in the world have got onto the fact that there’s a whole bunch of companies in Australia that have very poor security policies, and they’re going after them. There is a scary couple of years coming up possibly?
Sanjay The flipside of that is we do research on where the attacks are coming from, and they’re not coming from here. But if they are, Australians are absolutely brilliant at acting because nobody is attacking them.
Keith The US is a top attacker country, but why? Because they’ve all got massive bandwidth right (massive connectivity), and connectivity, lots of computers there, and that probably contributes to it.
Sean We did some research last year looking at the threat exposure rates based on PCs and Android; We looked at the threat exposure rate in most of the developed nations where there has been a lot of infrastructure like the UK, Australia, US. There your threat exposure rate is higher with an Android handset than it is with a PC. But in Brazil, China and other Asian countries, there is a lot of pirated stuff. People don’t patch as much which increases risks for PCs. So it’s a strange situation where you solve one problem and you might not be paying the same attention to another problem.
Sanjay We did some research in the consumer world and consumers believe that their tablets and other devices are secure because they use a PIN.
Sean That’s better than nothing – locking your phones.
Sanjay Yes, it’s much better than nothing but they would never do that in the PC world. So they’ve chosen good solutions from everybody around the table for that, but when they go to the Android world, suddenly they figure out ‘as long as it’s secure for my two year old to log in, I’m good’ ---- and we all know the uptake of internet security on tablets compared to that on PCs is still relatively pathetic. It’s getting better, but still relatively pathetic.
CRN Sanjay, you said earlier the supposed BYOD revolution is a bit overstated and people would take gear with them in the past, but it’s the connectivity and downloading of the apps which is creating massive security headaches presumably for your customers?
Sanjay Yes, I think if you look at what’s changing, it’s the types of applications that are being accessed, and growing exponentially, and the importance of those applications is growing exponentially. At the same time you have the types of devices accessing those applications which is growing very rapidly, and the pipe whether it be NBN or anything else connecting those two things is also growing exponentially. So those things working in concert have really made the threat landscape a lot more scary than it was, but fundamentally an endpoint is still an endpoint. With your PC, your android device, if you know what the user is trying to do, if you know what applications they’re trying to access, and what data is sitting there, the type of endpoint doesn’t really matter.
Sean I agree to a certain extent that the information is the important thing that’s on these devices, or travelling to those devices, and that’s what you need to look at securing. The situation for most admins to get their head around is that you are constrained on these modern consumerised devices which have no concept of a user as such. If you are holding it you own it.