‘Being Hacked’ - Insight, SBS on Demand Tues 8/9/2020

BMUG members were invited to watch this video on SBS and then talk about it during the meeting. It may not be available after a short time. The following are stories covered in the show.

Bastien Treptel - CTRL
‘100% success in hacking into any system asked to check’

Gillian Franklin - The Heat Group
Site share folders all gone, 20 years of intellectual property stolen.
Contacted other companies hacked to share their strategies - were very helpful. Govt agencies useless, PWC Security advised them how to proceed
Questions
How to recover and restore work.
Whole communication approach to keep everyone informed.
PWC’s advice - Do not respond to ransom note on own server. Use gmail.

Brian Schmidt - VC ANU
hackers targeted enterprise systems and personnel information of 20 years
Took 700 Mb data
Expected that hackers was ‘nation state’
Intrusion for 6 months prior to detection
Complete information transparency with staff
Targeted personnel records (=> probably to blackmail or intimidate future leaders as many from past studies had done so at (ANU)

Daryl Peter - Space Satellite Agency
intrusion discovered by government agency and undetected for several years
Intrusion likely via ‘phishing’ email
Executives then moved to using computers not on regular network
Targeting likely design documents for satellites and launch vehicles
Environment the most infected that ever detected
Communication during rectification period was verbal person to person and not electronic to avoid alerting intruders that detected

Chris Gatford - Hactive
company which tests businesses vulnerabilities to physical entry and passwords by masquerading as tech advisory company. Easily able to bypass human electronic security intrusion barriers.
Used access card reader to copy cards of staff outside building on the street in smoking group
All staff were far too trusting (c.f home users!)
Took laptops away and used tools to bypass passwords
Gave access to company operations and finances
Had both technical and psychological expertise to do this.

Bastien Treptel - CTRL
had even used his children to gain access to offices by them asking if could print off homework, charge phone
Devices that did not have default usernames and passwords readily vulnerable if not updated. (Note SWANN security cameras etc all used rebranded Chinese components

Skeeve
1st Australian to be jailed for hacking
Initially hacked Coke machines in US
Used easy entry points into company networks and worked deeper into area of interest (fishtank thermometer in Iraq nuclear factory)
Hacked into AusNet (power & gas supplier). Credit card info stolen/available
Sent to jail and prior to release interviewed for several security jobs
Big danger now IOT (Internet of Things)

Kevin Mitnick (US)
started hacking into telcos and then into National Security Agency
Hacked into mobile phone companies as interested in their source code
Became fugitive from law, worked in legitimate companies, using faked ID & credentials during the day and hacking at night
Motivation = Challenge

GF - finally got files back. Hacker from Russia, sold info on dark web. Used phishing as method of entry

Alana Treptel - Maurushat Western Sydney Uni
Many stories like GF’s
Businesses should have cybersecurity insurance

Do hackers had a moral conscience?

BS - ANU attack was sophisticated spearphishing via preview and email not actually clicked on!!
good at hiding their tracks and stealing files in fragments

DP - had to build complete new environment.
sophistication of attack =? State sponsored actor

Tim Wellsmore - FireEye Mandiatory
Majority attacked
cyber criminals to steal money
Nation state I.e. China to obtain information to further their nation, by looking for political, economic or military advantage
Hacking into Unis, research institutions etc (Read ‘Silent Invasion’ Cleve Hamilton)
Looking for the next edge advantage

‘State sponsored’ = aware, may be employees or sponsored support by government.
During day cyber espionage and at night cyber crime.

Manipulation of company share prices through hacking and demanding ransom. Companies avoid public disclosure to prevent impact on their share price (How many companies sabotaged and taken over using this method?)

BT - CTRL - Covid-19 has impacted on work opportunities enticing some IT workers to dabble in cyber crime
CTRL set up fake companies to entice and discover cyber criminal methods. VERY SOPHISTICATED!
Even got invited by one company to visit. Had large staff numbers including psychologists to plan & design best attack techniques on executives, managers, real estate agents etc

CLOSING ALERTS
More risk now that many working from home
Back up everything
Not IF will have computer/network compromised but WHEN
Trust no one

(1989 book on hacking ‘The Cuckoo’s Egg’ Clifford Stoll)