Security News > 2008 > May > ASIO chief urges business to look at IT security

ASIO chief urges business to look at IT security
2008-05-23 07:14

http://www.theage.com.au/news/security/asio-chief-urges-business-to-look-at-it-security/2008/05/22/1211182988498.html The Age May 22, 2008 Spy chief Paul O'Sullivan has urged business to assess its cyber security, saying individuals and nations are targeting the private sector in a bid to steal sensitive information. "The widespread use of the internet in government and business presents opportunities for state agencies to gain covert access to information," Mr O'Sullivan told the Australia-Israel Chamber of Commerce in Sydney today. "And a range of non-state actors - hackers, criminals and other foreign entities, acting independently or on behalf of groups, networks, or states - are engaged in nefarious cyber-activities, whether for profit, to cause damage, test for vulnerabilities or acquire sensitive information. "Such actors are targeting business and government alike." Mr O'Sullivan, the director-general of the Australian Security Intelligence Organisation (ASIO), warned the attacks were not always obvious. He made particular mention of so-called trojan horse attacks where a seemingly innocuous piece of software is attached to an email and then makes its way into a computer network. "The various IT-related devices - software, mobile phones, disks, thumb-drives, personal organisers, and so forth - all of which are now in common use - are also potential vectors for trojans. "So it is important that you consider whether you have appropriate security policies covering their use, particularly as they can be easily inserted into your systems, sometimes quite innocuously - as gifts to staff, for example." Mr O'Sullivan warned a trojan attack could potentially see large amounts of private information stolen from "virtually anywhere on the planet". "A successful attack could see the loss of commercially-sensitive information (including) business strategies, intellectual property, sensitive client details, even company employee information." ASIO runs a business liaison service and Mr O'Sullivan encouraged businesses to use it. "Given the international profile of many of our major companies, we are also working closely with key overseas partners to pool and compare experiences and further refine judgments so that businesses are provided with consistent advice." Mr O'Sullivan's warning comes a day after the business-government advisory group on national security met. At that meeting Mr O'Sullivan provided a detailed national security update to leading business figures from high profile companies including Rio Tinto and Westfield. Attorney-General Robert McClelland admitted earlier this year that classified government computer networks had been subjected to cyber attacks. Copyright 2008. The Age Company Ltd _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com


News URL

http://www.theage.com.au/news/security/asio-chief-urges-business-to-look-at-it-security/2008/05/22/1211182988498.html