November 2016

Cybersecurity
Threats
Challenges
Opportunities

Preview
Download the full version at:
[Link]/insightsandpublications/[Link]
46 %
THREAT VECTORS BY INDUSTRY
The vectors by which industries are compromised.
Source: Verizon 2015 Data Breach Investigations Report

FINANCE
INFORMATION

PUBLIC SECTOR
EDUCATIONAL WEB
FINANCE APPLICATIONS RETAIL

9.4%
ENTERTAINMENT
HOSPITALITY

CRIMEWARE
POINT OF SALE
18.8% 28.5%
OF THE WORLD’S MISCELLANEOUS

POPULATION 14.7%
IS CONNECTED
TO THE PRIVILEGE
MISUSE
INTERNET CYBER
ESPIONAGE
10.6% MINING

18% HEALTHCARE
ADMINISTRATIVE

What is
PROFESSIONAL
INFORMATION
MANUFACTURING

cybersecurity?
As with any technological advance throughout opportunities for cybercrime have of critical business or government
ballooned exponentially. intelligence, that drives the cyber The increasing
history, whenever new opportunities are created, underworld.
Combating this is a multi-disciplinary prevalence and severity
there will always be those that exploit them for affair that spans hardware and One fact remains clear: it’s only of malicious cyber-
their own gain. software through to policy and people going to increase. As we integrate
enabled activities…
Despite the threat of viruses and – all of it aimed at both preventing technology further into our lives, the
malware almost since the dawn cybercrime occurring in the first opportunities for abuse grow. So too, constitute an unusual
of computing, awareness of the place, or minimising its impact then, must the defences we employ and extraordinary threat
security and sanctity of data with when it does. This is the practice of to stop them through the education to the national security,
computer systems didn’t gain cybersecurity. and practice of cybersecurity.
foreign policy and
traction until the explosive growth of
the internet, whereby the exposure
There is no silver bullet, however; economy of the United
cybersecurity is a constantly evolving,
of so many machines on the web States. I hereby declare
constantly active process just like the
provided a veritable playground for
threats it aims to prevent. a national emergency
hackers to test their skills – bringing
to deal with this threat.
down websites, stealing data, or What happens when security fails?
committing fraud. It's something we While what frequently makes the
Barack Obama,
now call cybercrime. news are breaches of user accounts
President of the United States
and the publication of names and
Since then, and with internet
passwords – the type that the Ashley
penetration globally at an estimated
Madison hack publicly exemplified
3.4 billion users (approximately 46%
– it’s often financial gain, or the theft

01
of the world’s population), the
 The US government
has increased its annual
cybersecurity budget
by 35%, going from $14
billion budgeted in 2016

Through the to $19 billion in 2017.

This is a sign of the times

looking glass
and there’s no end in sight.
Incremental increases in
cybersecurity spending
are not enough. We expect
The following is a snapshot – just a sample – of the businesses of all sizes
stories that made the news during the production of and types, and govern-
this guide. These headlines give you an insight to the ments globally, to double
ongoing, every day, occurrences of what happens in down on cyber protection.
the absence of cybersecurity.
Cybersecurity Ventures

‘LINKEDIN USER? ‘HACKER STEALS 45

MILLION ACCOUNTS FROM
‘A HACK WILL ‘CITING ATTACK, GOTOMYPC
RESETS ALL PASSWORDS’
‘WHY YOU
YOUR DATA MAY BE KILL SOMEONE
UP FOR SALE’ HUNDREDS OF CAR, TECH, SHOULD
SPORTS FORUMS’ WITHIN 10 YEARS ‘POLITICAL PARTY’S DELETE THE
AND IT MAY VIDEO CONFERENCE ONLINE
‘EASYDOC
‘10 MILLION HAVE ALREADY SYSTEM HACKED,
MALWARE ADDS
HAPPENED’ ACCOUNTS
TOR BACKDOOR ANDROID ALLOWED SPYING
ON DEMAND’ YOU DON’T
TO MACS DEVICES ‘CHINA HACKED US USE ANYMORE
FOR BOTNET REPORTEDLY ‘ONLINE BACKUP FIRM
BANKING REGULATOR’ – RIGHT NOW’
CONTROL’ INFECTED CARBONITE TELLS USERS
TO CHANGE THEIR

‘LIZARDSTRESSER BOTNETS
WITH CHINESE ‘APPLE DEVICES PASSWORDS NOW’ ‘MASSIVE DDOS ATTACKS

USING WEBCAMS, IOT MALWARE’ HELD FOR RANSOM, REACH RECORD LEVELS’

GADGETS TO LAUNCH RUMOURS CLAIM ‘ANDROID

‘HACKER
DDOS ATTACKS’ ‘THIEVES GO HIGH-TECH 40M ICLOUD RANSOMWARE HITS DEMONSTRATES HOW
TO STEAL CARS’
ACCOUNTS HACKED’ SMART TVS’ VOTING MACHINES CAN
‘DDOS ATTACK BE COMPROMISED’
TAKES DOWN ‘CROOKS ARE ‘RESEARCHERS ‘HACKERS CAN USE
US CONGRESS WINNING THE DISCOVER TOR NODES
DESIGNED TO SPY ON
SMART WATCH
MOVEMENTS TO REVEAL
‘FTC WARNS
WEBSITE FOR ‘CYBER ARMS HIDDEN SERVICES’ A WEARER’S ATM PIN’ CONSUMERS OF
THREE DAYS’ RACE’, ADMIT RENTAL CAR DATA
‘RESEARCHERS FOUND ‘IDENTITY FRAUD THEFT RISK’
‘HACKERS FIND 138
COPS’ A HACKING TOOL THAT
SECURITY GAPS IN TARGETS ENERGY GRIDS
UP BY 57% AS
‘YAHOO CONFIRMS MASSIVE
PENTAGON WEBSITES’ THIEVES ‘HUNT’ ON

03
ON THE DARK WEB’ DATA BREACH, 500 MILLION
SOCIAL MEDIA’ USERS IMPACTED’
Fast facts
It’s hard to choose just a handful of
facts that highlight the threats and
opportunities facing Australia, but
here is a sample.

THREATS OPPORTUNITIES
IN 2014-15 CERT (COMPUTER THE WORLD ECONOMIC FORUM’S CYBERSECURITY IS A BUSINESS IN 2003 THE CYBERSECURITY THE UK PUBLISHED ITS CYBER- JOB ADVERTISEMENTS FOR CYBER-

57%
EMERGENCY RESPONSE TEAM) GLOBAL RISKS 2015 REPORT ISSUE, NOT JUST A TECHNOLOGY INDUSTRY WAS TAGGED AT SECURITY STRATEGY IN 2011 SECURITY ALONE HAVE GROWN

$US2.5
AUSTRALIA RESPONDED TO HIGHLIGHTED CYBERATTACKS AND ONE. IN A SURVEY OF CLOSE TO – SINCE THEN THE SECTOR

11,733 4,000
THREATS AS ONE OF THE MOST LIKELY ALMOST DOUBLED FROM TEN
HIGH-IMPACT RISKS. IN THE UNITED BILLION POUNDS TO

SEVENTEEN
STATES, FOR EXAMPLE, CYBER CRIME
ALREADY COSTS AN ESTIMATED

$US100
BILLION TODAY THE GLOBAL
INCIDENTS, 218 OF WHICH INVOLVED COMPANY DIRECTORS IN AUSTRALIA, CYBERSECURITY MARKET TOTALS BILLION POUNDS AND IS NOW IN THE LAST 12 MONTHS ACCORDING
SYSTEMS OF NATIONAL INTEREST ROUGHLY ONLY HALF REPORTED MORE THAN $US106 BILLION. RESPONSIBLE FOR EMPLOYING TO JOBS WEBSITE SEEK. NETWORK
OR CRITICAL INFRASTRUCTURE. TO BE CYBER LITERATE, AND OF SOME ESTIMATES PEG THE SECTOR 100K PEOPLE. SECURITY CONSULTANTS WERE THE
BILLION A YEAR.
SIXTH
OF THESE, ENERGY, BANKING AND CO-DIRECTORS ONLY WILL BE WORTH $US639 BILLION
BY 2023.

FIFTEEN
FINANCE, AND COMMUNICATIONS

1,404
WERE THE TOP THREE TARGETS. THERE ARE
IOT SENSORS AND DEVICES
MOST ADVERTISED ICT
ARE EXPECTED TO EXCEED MOBILE BY 2030 IT’S ESTIMATED
PERCENT CLASSED AS CYBER OCCUPATION ON LINKEDIN
PHONES AS THE LARGEST CATEGORY DATA ANALYTICS, MOBILE
THE AUSTRALIAN GOVERNMENT IN 2015.
OF CONNECTED DEVICES IN 2018, LITERATE. THERE IS A LACK INTERNET, CLOUD AND IOT
DEPARTMENT OF COMMUNICATIONS

23%
GROWING AT A OF KNOWLEDGE ABOUT COULD GENERATE $US625
HAS REPORTED THAT THE AVERAGE
CYBERSECURITY AT THE EXECUTIVE

BILLION
COST OF A CYBERCRIME ATTACK CYBERSECURITY VENDORS IN
LEVEL IN MANY BUSINESSES THE WORLD TODAY. AUSTRALIA
TO A BUSINESS IS AROUND
IN AUSTRALIA.

$276,000
SPORTS ONLY FIFTEEN.
VENDORS BY COUNTRY:
IN SALES PER YEAR IN APAC.
USA 827, ISRAEL 228, UK 76,
COMPOUND ANNUAL GROWTH RATE INDIA 41, AUSTRALIA 15.
(CAGR) FROM 2015 TO 2021. SOLID
CYBERSECURITY POLICY MUST BE

05
IN PLACE FOR THIS FUTURE.
SECURING
AUSTRALIA’S FUTURE
At ACS we are passionate about the including through the Professional In May 2016 the President of
ICT profession being recognised as Standards Scheme that ensures IFIP participated in the European
a driver of productivity, innovation professionals have the specialist Foresight Cyber Security
and business – able to deliver real, skills business can rely upon. Meeting where he advocated
tangible outcomes. that professionalism of the ICT
ACS is part of the global federation
workforce is “a key element in
This year ACS celebrates 50 years of professional ICT societies,
building trustworthy and reliable
of advancing ICT in Australia. Our the International Federation for
systems” and that it is important
founders and pioneers worked Information Processing (IFIP),
to ensure that “cyber security
on the first innovative computers and the first professional body to
and cyber resilience is also a
in government, academia and receive accreditation under the
duty of care of the individual
industry, and our members now International Professional Practice
ICT professional, in all stages
work at the coalface of technology Partnership (IP3) – providing a
of a system lifecycle”.
development across every industry. platform for accreditation for
ICT professionals and mutual As we move forward another
In 2011, ACS brought together its
recognition across international 50 years, ACS will be there
own Cyber Taskforce from our
boundaries. The ACS currently at the forefront meeting the
23,000 members to respond to the
chairs IP3 and plays a leading challenges and opportunities
Federal Government’s new cyber
role in the professionalism of the of ICT, and supporting the
discussion paper, ‘Connecting with
ICT workforce. growth and potential of ICT
Confidence’, where we highlighted
professionals in Australia.
the need for ongoing co-ordination IP3 has since gained global
and a focus on developing the attention after successful
pipeline of cyber professionals. engagements at the World Summit
on the Information Society (WSIS)
To play our part in securing
Forum in Geneva and the United
Australia’s future, we continue
Nations in New York, where the
to perform the role of trusted
importance of ICT professionalism
advisor to government, and deliver
was acknowledged by the UN
services to develop and identify
General Assembly President
ICT professionals you can trust,
in 2015.

ACS
Level 11
50 Carrington Street
Sydney NSW 2000

P: 02 9299 3666
F: 02 9299 3997
E: info@[Link]
W: [Link]

Preview
Download the full version at:
[Link]/insightsandpublications/[Link]