10 July 2018

Cybercrime

We do everything online now; from ordering groceries to doing our banking. As internet use becomes more integrated into our everyday lives, so too does the threat of cybercrime. We’ve been hearing a lot about cybercrime over the past couple of years, which begs one to question, are attacks of the cyber-type becoming more prevalent? We recently sat down with cyber investigator, Dr Graeme Edwards to get some insight into cybercrime and find out why the legal industry has become a major target.

What is cybercrime?

G: Cybercrime can cover a lot of things, but generally it’s the use of technology to commit criminal offences. Cybercrime can be an act of internal crime, or it could be an attack on a particular system to take out a computer. It can be a person in another country attacking you purely because they’ve found online that your computer has a vulnerability. It could also be a specific attack to steal intellectual property, credit cards, client lists, email lists and so on. It’s a very wide thing that covers the use of technology, internal and external to an organisation and unfortunately, it’s absolutely rampant.

Why do they do it?

For whatever reason makes sense to them. Money is always a big motivator. Some people do it for power because they love having the power on the internet to destroy and walk over others. Revenge can also be a motivator. And sometimes it’s just pure ego; the fact that they have the power and the capacity. There are a lot of motivators. While it may not make any sense to us, it really depends on what’s going through their minds at the time.

Why target law firms?

Law firms hold very sensitive information, and there have been some examples recently of UK law firms getting hacked into. For example, intellectual property trademark lawyers might have an IPO coming up, or something like that. Have a look at the work law firms are doing in the commercial field. Two companies might be in a dispute over something, there might be something happening that could affect the share price of an organisation on the ASX – all of these sorts of things. There’s very, very important information stored by law firms, and unfortunately, to the bad guys, that’s got value.

What are the most common vulnerabilities?

People and their computers, the operating systems and applications not being secure. When the likes of Microsoft or Apple release operating systems updates, the bad guys know that there’s a certain period of time where there are vulnerabilities in the system before you update it. You might have operating system 10.2, and the manufacturer releases version 10.3. The difference between 10.2 and 10.3 are some vulnerabilities they have identified. 10.3 patches it, however, this means that 10.2 doesn’t, so attackers will attack those vulnerabilities for those who haven’t updated their system.

Another common vulnerability is the human – never trust anyone you meet online, particularly on social networks, because you literally don’t know who you’re dealing with. One of the most common ways of breaking into a system is through phishing emails; where you click on a link or download an attachment which ends up compromising your system and the whole network.
Unfortunately, one of the most common vulnerabilities is not understanding the system or what the internet is and the environment when you go online. The internet can be a very hostile, aggressive place but you can’t see it because we’re all busy online doing whatever we do there (shopping, banking, social media, research etc). Unfortunately, if you don’t regularly check and update your operating system and your wits about you when online, you can potentially be a simple target.

How can businesses protect themselves?

Get expert cyber advice from IT professionals. The Australian Signals Directorate have some very good advice on how to protect your systems. Australian Cyber Security Centre also have advice that is easy to read.

There’s no ABC for protecting all organisations. Often, it’s unique to each organisation; how they’re structured, where employees work, how remote they are and who needs to access what. However, there is a lot of help available. As a first step, I would recommend having a pre-incident response plan in place, so that if you find that your organisation has suffered a major cybercrime, you can pull out of the drawer the incident response plan that says, ‘this is what we do in these particular circumstances and these are the people who we need to contact immediately’.

 

If you’ve enjoyed reading this blog post, be sure to check out our podcast with Dr Graeme Edwards.

Share this article on social