Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Monday, 22 June 2020 11:34

Cyber attacks: experts come out of the shadows to vent at length

By
Cyber attacks: experts come out of the shadows to vent at length Pixabay

One good thing about cyber attacks on Australia is the fact that they unearth a large number of highly talented cyber security professionals who have been hiding in the shadows. Given the dearth of talent in this sector, it is indeed a welcome development.

One of the prominent cyber security talents discovered, after Prime Minister Scott Morrison had made claims that seemed to be about the present but were actually about the past, was Peter Jennings, the head of the Australian Strategic Policy Institute, a defence industry-funded lobby group that poses as an independent non-partisan think-tank.

Jennings was very clear about the culprit; part of his spiel to The Australian, that venerable publication from the Murdoch stable, was this gem: "I think you can sort of attribute 95% of confidence to it being China.” And the other 5%? Jennings did not go into detail about that.

Most cyber security professionals whom I know would run a mile from such statements. They have their differences, violent ones too, but they are unanimous on one thing: attribution is the most difficult part of the profession.

One security pro, Brett Callow, a ransomware specialist from New Zealand-headquartered Emsisoft, was scathing about the claims being made. Citing a report in The Sun which said "Cyber security researcher Robert Potter said: 'Based on the evidence, I'd say it strongly leans towards MSS'," he commented: "What evidence? The only thing that's been made public is that they supposedly used garden variety tools and techniques. But The Sun has declared it was China, so it must've been."

MSS is the Chinese Ministry of State Security which is often blamed by Western governments for cyber attacks.

Callow added: "So, based on the reporting, it would seem that the press is quite happy to accept that a) there was indeed a massive cyber attack and b) the pesky Chinese were undoubtedly responsible.

"But a) there are no known victims of this highly sophisticated attack by China, b) no services appear to have been interrupted and c) security companies’ telemetry hasn’t set off any alarms (as far as I can tell).

"Man, it’s shocking how little these things are questioned. "

But back to Jennings; he had more wise words: “I think you’ve got to sort of go through a checklist of factors, which is not just the capability ­issues that Morrison talks about but also the interest and intent. The Russians could do it. The North Koreans could do it, but neither of them have an interest on the scale of this. They have no interest in state and territory government or universities. So that leads me to conclude that the only country that has got the interest to go as broad and as deep as this and the only country with the sophistication and the size of the intelligence establishment to do it, is China. That’s very clear."

Clearly, there is a lot for people like Callow to learn. I wonder if Jennings accepts interns at his institute.

But Jennings wasn't the only one. Nine Entertainment's The Age ran this: "Sean Duca, regional chief security officer with global cybersecurity company Palo Alto Networks, said the attacks were part of a 'sophisticated attack that we have witnessed targeting organisations around the world'.

"From our analysis, there is similarity in the code reuse as the attacks made in February 2019 targeting the Australian Parliament House," he said."

The fact that a so-called sophisticated actor was said to have used the same techniques over and over was not questioned; apparently, these attackers, no matter their origin, are fairly dumb when it comes to actual attacks.

Leaping into the fray was former Australian national cyber security adviser Alastair MacGibbon, a bloviator of no mean proportions, who told the Australian Financial Review that this was "likely a campaign by a sophisticated state-based actor" and part of a wider trend. Once again, MacGibbon was given a free pass and not asked how a sophisticated actor revealed himself/herself in a manner that a script kiddie would. Oh no, the AFR did not seek to question this wisdom from on high.

But MacGibbon, who now runs a private company called CyberCX and finds occasions such as these a good time to tout for business, wasn't done. On he went: "It is an affront to our national interest and sovereignty that such events occur. And that's why the Prime Minister has stood up to make a statement."

Really? The fact that some individual or country has tried to infiltrate Australian networks is an affront to us? It happens to most nations on a daily basis and even small websites suffer unexpected attacks when experienced cyber criminals get their wires crossed. An affront to national interest and sovereignty? A bit over the top, surely?

Not far behind was KPMG cyber security partner Kathy Robins who told the AFR: “Most attacks are about wanting to get bang for buck in effort.” You can parse that, gentle reader, and see what you make of it. I've given up.

But this was the time for hyperbole and MacGibbon made every post a winning one. He told the Daily Telegraph, another publication from the Murdoch stable, “Cyber security is the greatest existential threat we’re going to face.” One can't beat that for overstatement.

The lack of any scepticism among journalists is truly a frightening thing. They have morphed into stenographers who will run anything in order to feed the monkey. As Rolling Stone writer Matt Taibbi put it: "We are professional space-fillers, frivolously tossing content-pebbles in an ever-widening canyon of demand, cranking out one silly pack-mule after another for toothpaste and sneaker ads to ride on straight into the brains of the stupefied public."


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments