Expert warns SMEs “all data has a cost”, as Bureau of Statistics gets hacked

A hacking attempt targeted at the Australian Bureau of Statistics has revived warnings for small businesses to start looking at how they can better protect their most essential data.

The revelation of numerous hacks directed at the ABS comes after the federal government announced earlier this year it would adopt a new cyber security strategy, which would aim to consolidate a number of different departments.

The hacks also come as more Australian businesses are being targeted than ever, with many hackers hoping to use them as entry-points for hacking larger organisations.

The Australian Financial Review reported the ABS has recorded several attempts to access market-sensitive data before its official release.

The ABS was contacted by SmartCompany this morning, but no reply was available prior to publication.

The AFR reports the attacks consisted of several attempts – some sourced from China – and these were passed on to the department’s security operations team. The attacks reportedly varied in risk.

In a statement provided to the publication, a spokesperson for the ABS said none of the attempts were successful, and no data was stolen.

Yet the attacks are a reminder that both governments and businesses are constantly being bombarded with attacks so hackers can gain access to market or corporate-sensitive data.

However, AVG security advisor Michael McKinnon says many of these attacks need to be kept in perspective.

“There can be targeted attacks which focus on particular organisation as part of a specific objective,” he says. “But in the vast majority of cases there tend to be more generic style attacks.”

McKinnon references the recent WordPress botnet, which is an example of a large-scale attack which tried to access several websites at once.

Once these automated attacks find a vulnerability within a target’s system, it notifies the hacker. McKinnon says to suggest these attacks are all “targeted” is untrue.

“What may happen is that when a list of successful websites is obtained by the attackers, those lists can be traded, and sold, and there is more potential for targeting to occur.”

In the case of the ABS, McKinnon says, the attempts are a solid reminder about the valuable nature of data.

“All data has a cost,” he says. “The ABS carries a lot of census data, we give out a lot of information, even personal information, and so it would be carrying a lot of private details.”

“From that point of view, the ABS would be a high-profile target.”

Businesses, even SMEs, have been increasingly warned about the valuable nature of their data. Large numbers of businesses hold on to essential data for not just customers, but corporate clients. Such data can include financial information and account numbers.

McKinnon says this series of attempts is yet another reminder why businesses should place a high priority on protecting that sort of information.

“Every crime has both a motive and opportunity. The connectivity of the internet just provides an amazing opportunity.”

 

COMMENTS