A new kind of spy: Cyberespionage in Australia

In an environment where businesses and government organisations alike deal with highly sensitive information, cyberespionage has become a critical threat to Australia. 

In 2013, the Australian Signals Directorate reported 940 cyberincidents involving government agencies, representing a 37 per cent increase from 2012. Due to these figures, a review into Australia's cybersecurity was ordered in November last year by the Prime Minister. This was published recently by the Australian Cyber Security Centre (ACSC) and gave some insight into cybersecurity risks in Australia, particularly cyberespionage. 

Compromises to online information can have huge economic consequences.

Cyberespionage is defined by the ACSC as "offensive activity designed to covertly collect information from a user's computer network for intelligence purposes". According to the ACSC's threat report, our country is a prime target for online menaces due to our wealth of resources, field expertise in manufacturing, technology and scientific research, and our relationships with other countries, including a influential role in the Indo-Pacific region.

As stated in the report, compromises to online information can have huge economic consequences. Cyberespionage is seeing an increase in many countries as this method offers high returns for little cost and risk to the perpetrator. Even if all other systems in a database are firmly protected, one weak link in the system can compromise valuable information.

The government has offered strategies that can stop at least 85 per cent of cyberattacks, including the use of application whitelisting, restricting access, and patching applications and operating systems. However, further information security training may be required to stop more sophisticated threats.

As more sophisticated cyber espionage groups emerge, business and government organisations alike are at risk.As more sophisticated cyberespionage groups emerge, business and government organisations alike are at risk.

Cyberespionage is gaining traction, with Symantec revealing its findings on the Black Vine group in a July whitepaper.

The cyberespionage group, active since 2012, was believed to be behind the February attack on Anthem Health Insurance that led to the exposure of over 80 million patient records. Black Vine may also be responsible for various attacks on the energy, aerospace, and healthcare industries, and use custom-developed malware that is constantly updated to avoid detection. 

Black Vine stands out as it is a well-funded and organised body, with links to many other actors in the cyberattack network. While most attacks are focused on IP addresses in the United States, there are risks they could move to more areas globally. 

Armed with increasing awareness of threats, Australia is in a better position to address issues of cyberespionage. However, both government and business professionals need to keep on top of changes and growing threats, possibly through ongoing information security training courses.