Cyber security is no longer a specialist field; it’s a part of everyday life and we all need to take it seriously.
That’s the warning from Professor Richard Buckland, UNSW cybercrime expert, who says Australians left themselves vulnerable to the major attack announced by Prime Minister Scott Morrison today.
Professor Buckland said the “embarrassing” attack was basic “bread and butter” stuff that had been around for the last couple of years.
“Although there seems to be many attacks happening in parallel, none of them are really that sophisticated,” he said.
“It’s almost embarrassing we’ve been caught by these things that should have been fixed last year.
“These are attacks developed a while ago, and they’re available on the internet.”
Professor Buckland labelled them “copy and paste attacks”.
“The attackers aren’t really showing much sophistication – it’s like you’ve left your house unlocked and they’re opening the door,” he said.
In an urgent press conference called this morning in Canberra, Mr Morrison said the ongoing, “large-scale” hack was being executed by a “sophisticated, state-based cyber actor”.
“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters.
“We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting and the tradecraft used. Regrettably, this activity is not new. Frequency has been increasing.”
Professor Buckland said the attacks had obviously been happening for a while and there was no cause for too much alarm.
“It doesn’t look like it’s a panic,” he said.
“There’s not a tsunami approach where you’ve got no time to prepare. It’s a public service announcement to let people know what’s going on.”
Professor Buckland said attackers were exploiting weaknesses, mostly targeting Microsoft products.
To prevent them, he said people should be making sure their software was up to date, including on their phones.
“When you get alerts asking to automatically update your phones, you should do that,” he said.
“If it says would you like me to apply them, always click yes, go have a cup of coffee and just smile and know you’re safe.”
He said another technique being used was spearphishing, as opposed to traditional phishing that involved sending out blanket emails, for example.
“Spearphishing is where you target an individual that you want to get to,” he said.
“They don’t have to be senior. They’re often normal, everyday people.
“These are attacks you have to be alert to, like downloading or opening a document – usually a PowerPoint.”
Professor Buckland said attackers would trick people into going to a website that could look like their company’s corporate system and entering their password.
“Everyone should be very wary of being tricked,” he said.
“My advice would be two things – patch your software, which means run updates.
“Two would be to be aware of people trying to trick you. Be very careful opening an attachment or typing in your credentials.
“You have to be really careful. Improve your cyber security awareness. It’s just part of a skill for life.”
He said anyone who received a PowerPoint document should ask the sender to send it as a PDF, or, if documents were being sent internally, to keep them stored on company servers.
Professor Buckland said the situation was like the coronavirus pandemic – it did not seem like a big problem at the time.
“It doesn’t look like a crisis until you see it happening,” he said.
“There needs to be a national refocusing. This is not a specialist, technical thing; this is a part of everyday life and everyone needs to improve it and take it seriously.”