Talking the ACSC cyber threat report on 1395 FIVEaa

The (relatively) new Australian Cyber Security Centre (ACSC) released its first-ever unclassified threat report yesterday, but as I wrote at ZDNet, I was disappointed.

The report (PDF) has dropped, and indeed it contains few surprises. It tells the now-familiar story of serious and organised criminals, foreign state-sponsored actors, and other “cyber adversaries”, all of whom are getting better at what they do.

“The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow. If an organisation is connected to the internet, it is vulnerable. The incidents in the public eye are just the tip of the iceberg,” begins the report’s foreword.

“Cyber adversaries are aggressive and persistent in their efforts to compromise Australian networks and information. They are constantly improving their tradecraft in an attempt to defeat our network defences and exploit new technologies,” it says later.

“Australia is an innovative country with a globally important resources sector. We are a regional leader with global interests and important partnerships. This makes Australia a target-rich environment for cyber adversaries.”

All of which is true, of course, but all of which has been said so many times before.

I spoke about the report today with Will Goodings on 1395 FIVEaa Adelaide — with somewhat less disappointment in my voice.

The audio is ©2015 Nova Entertainment.

Weekly Wrap 179: A very Kaspersky Canberra, with stress

My week Monday 4 to Sunday 10 November 2013 was another busy one, but I survived.

Once more the Weekly Wrap has been hideously delayed, so it’ll just be the facts.

A key part of the week was my trip to Canberra, mainly to cover the speech by Eugene Kaspersky to the National Press Club, but also to squeeze in some meetings with other people while I was there. Kaspersky seems to have dominated my media output for the week.

Podcasts

  • Corrupted Nerds: Conversations 8, being a chat about electronic voting with Dr Vanessa Teague from the University of Melbourne. If you think e-voting is the cure for electoral fraud and mistakes, you’d better listen.

Articles

Media Appearances

Corporate Largesse

  • On Thursday I went to the National Press Club in Canberra to hear Eugene Kaspersky’s address. I was a guest at the Kaspersky Lab table, and they paid for my flights from Sydney. I paid for my own accommodation because the Kaspersky thing itself could have been a day trip.

[Photo: Canberra sunrise, photographed from Rydges Lakeside Canberra hotel on 7 November 2013.]

Visiting Canberra to hear Eugene Kaspersky

I’m headed to Canberra this week to hear Eugene Kaspersky, chief executive officer and chairman of Kaspersky Lab, speak at the National Press Club on Thursday 7 November.

It’ll be an interesting event.

When I last spoke with Kaspersky in May — you can listen to that conversation now, because it became the first episode of the Corrupted Nerds: Conversations podcast — it was before Edward Snowden’s revelations began. Before “all of the cybers” changed from being something of interest only to a few specialist technology and national security writers into front page news around the world.

Actually, I’ll embed it here so you don’t even have to click through.

[soundcloud url=”https://api.soundcloud.com/tracks/115103814″ width=”100%” height=”166″ iframe=”true” /]

I suspect that the kinds of questions asked by the insular and largely Canberra-bound press gallery journalists will be as revealing of the state of play as the words of the Russian information security star himself — and he knows how to work the media.

Kaspersky is speaking at the NPC at lunchtime on Thursday, immediately after which I’ll be reporting on it for ZDNet Australia. But I’ll be in Canberra from early Wednesday afternoon through until Friday afternoon, so if you want or need to catch up, do let me know.

Disclosure: I am travelling to Canberra as the guest of Kaspersky Lab.

[Photo: Eugene Kaspersky speaking at CeBIT Australia 2012. Original photo by CeBIT Australia, used under a Creative Commons Attribution 2.0 Generic (CC-BY) license. Digital manipulation by Stilgherrian.]

Fifth “Corrupted Nerds” podcast posted

After a gap that was altogether far too long, a new episode of the Corrupted Nerds podcast has just been posted.

“Networks are living and breathing things. They don’t sit still. Your vulnerabilities will change on a daily basis, for sure, and you need to be on top of that,” says Dick Bussiere, principal architect for Tenable Network Security in the Asia Pacific region.

That’s why Tenable is advocating what they see as a revolution in maintaining a data network’s security posture.

“We’re kind of advocating that people perform vulnerability assessment, and remediation of vulnerabilities, as a constant and continuous process, rather than something that you do on a periodic basis,” Bussiere says.

So that worldview, plus a few comments about advanced persistent threats (APTs), the Syrian Electronic Army (SEA) and the revelations of Edward Snowden, are all part of Corrupted Nerds: Conversations episode 5. Enjoy.

Talking ASIO hack on BBC World Service

Monday night’s Four Corners episode claimed, amongst other things, that Chinese hackers had stolen the plans to the new headquarters of the Australian Security and Intelligence Organisation (ASIO). It made global news, and as a result, I ended up being interviewed on the BBC World Service program World Have Your Say.

The 15-minute live panel discussion also included Four Corners journalist Andrew Fowler, one of the BBC’s journalists based in China, and a journalist from The New York Times.

I quite enjoyed the chat, but it also showed how new all this stuff is to a mainstream audience.

Here’s the audio of the full 30-minute program. It starts off with a discussion of the current situation in Syria, and then we start at about the 14-minute mark.

The audio is of course ©2013 British Broadcasting Corporation. The audio player is linked directly to the BBC’s copy of the MP3 file. If that ever breaks, let me know and I’ll post my copy.