NEWS

Hacking your holiday: How Perth travellers are being increasingly targeted by cyber criminals

Imagine if a hacker shut down the baggage handling system of one of the worldu2019s busiest airports. Or took control of a fleet of autonomous delivery trucks and re-routed them to disrupt rush hour traffic in a major metropolis.n

nWhat if the hacker then demanded a ransom to unlock the digital networks theyu2019d hijacked? Joe Burton of the University of Waikato wrote that according to the latest State of the Internet report from Akamai, one of the worldu2019s largest providers of computer servers and networks, these scenarios arenu2019t fantasies of some distant dystopia. They are just around the corner.n

nTechnology continues to evolve with advances in artificial intelligence, automation, biometrics and a rapidly expanding Internet of Things. With this comes an increasing and potentially catastrophic risk of malicious actors bringing digital infrastructure and the societal services that rely on it to a grinding halt.n

nEven if weu2019re not quite there yet, there are several worrying trends highlighted in the report that show what cyber security professionals are already confronting.n

DDoS for hire

The first concern relates to an increasing frequency and volume of Distributed Denial of Service (DDoS) attacks u2014 up 16% in the last year. These attacks bombard computers with huge amounts of data. They are used by malicious actors to disrupt and delay networks and make them unavailable to their users. The most famous DDoS attacks were against Estonia in 2007, shutting down banks, media organisations and government ministries.

Technology continues to evolve with advances in artificial intelligence, automation, biometrics and a rapidly expanding Internet of Things. With this comes an increasing and potentially catastrophic risk of malicious actors bringing digital infrastructure and the societal services that rely on it to a grinding halt.

Fast forward a decade and the volume of data harnessed in such attacks has increased exponentially. According to the Akamai report, the largest DDoS attack in history was recorded in February this year against a software development company. It involved a data flow of 1.35 terabytes (1,350 gigabytes) per second. The Southern Cross Cable connecting Australia and New Zealandu2019s internet has an estimated overall capacity of greater than 22 Tbps u2014 due in large part to recent upgrades. Such a high-volume attack directed at a single choke point could have a big impact on transcontinental and national internet speeds.n

nPerhaps even more concerning is that DDoS technologies are being commercialised and sold to cyber criminals on u201cDDoS-for-hireu201d websites.n

nTheyu2019re also becoming more sophisticated. Previously seen as a fairly simple way of exploiting internet traffic, the latest DDoS attacks exhibit more novel ways of creating u201cbotnetsu201d (networks of compromised computers) to redirect data flows against a target. According to the Akamai report, attackers have been paying attention to mitigation efforts and changing the nature of their attacks as they unfold.n

Hacking holidays

Cyber criminals will invariably look for the weakest links. This might be individuals who never update their passwords and use unidentified Wi-Fi networks without due diligence. Or it could be particular commercial sectors that are lagging behind in cyber security standards.n

nThe Akamai report highlights that in the last year organised cyber criminals are increasingly targeting the tourism market. A staggering 3.9 billion malicious login attempts occurred during the last year against sites belonging to airlines, cruise lines, hotels, online travel, automotive rental and transport organisations.n

nFinding out who is responsible is a trickier problem. Evidence suggests that exploitation of hotel and travel sites is mostly emanating from Russia and China, and itu2019s possibly the work of organised cyber criminals targeting tourists for easy gain. But more work needs to be done to map cyber crime and understand the complex criminal networks that underpin it.n

Itu2019s not all doom and gloom

While the report warns of larger more destructive DDoS attacks before the end of 2018, itu2019s not all doom and gloom. The potential for cooperation is also evident.n

nIn April 2018, the Dutch National High Tech Crime Unit and the UK National Crime Agency ran the appropriately named u201cOperation Power Offu201d. This targeted a DDoS-for-hire site that was responsible for somewhere between four and six million DDoS attacks over its lifetime. The successful operation led to arrests and likely criminal prosecutions.n

nThese sorts of high level cyber crime collaborations are growing in frequency and strength. Our own national Computer Emergency Response Team (CERT) in New Zealand, for example, is working with its Australian counterpart u2014 and CERTs all around the Asia Pacific region u2014 to identify and counter cyber crime.n

nThe New Zealand government is currently consulting on a u201crefreshedu201d national cyber security strategy, and new powers have been invested in the Australian Signals Directorate to combat, prevent and disrupt cybercrime committed outside of Australia. So, it appears Trans-Tasman responses to these problems are growing teeth too.n

nTo ensure your businesses cyber security is at the forefront of whatu2019s available, contact Domain Digital on (08) 9441 6300 or simply visit www.domaindigital.com.au to find out how to ensure youu2019re as safe as possible.n

LOOKING FOR A DIFFERENT IT SERVICE?

ENQUIRE TO FIND OUT MORE ABOUT OUR SERVICES.

Want to know more about how Domain Digital’s IT services in Perth could be of value to your business?