cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

The blind spot in Australia’s multi-billion-dollar cyber defence strategy

About 4.3 per cent of Australian households experienced a successful or attempted break-in last year. That puts the average person at pretty good odds of not being a victim, but not really good enough that they’d bet against it, James Wright at Cloudian writes. So, most Australians have some form of security in place: a locked or double locked door, an alarm system, video surveillance, etc to protect themselves and their homes.

user iconJames Wright
Thu, 07 Jul 2022
The blind spot in Australia’s multi-billion-dollar cyber defence strategy
expand image

Some will go a step further to protect valuable goods by keeping them in a safe, either in the home or at high-security safe deposit box. A safe is not impenetrable, but the average criminal is not going to dedicate their limited break-in time trying to steal what’s inside, focusing instead on more accessible spoils.

This simple logic begs the question of why Australian governments, leading enterprises, and others so comfortably leave their most important asset — data — right there on the hall table to be stolen during a cyber attack.

Value of data on the rise


Data is often touted as “the new oil” in terms of its value — but it’s become much more than that. It’s a fundamental asset that drives businesses forward, not a commodity.

This status, coupled with a dramatic rise in ransomware attacks and the palpable cyber threat posed by Russia, its proxies and overall greater global hostility, has led to a massive surge in cyber security spending — AustCyber estimates organisations will spend $7.6 billion by 2024. This is on top of the $9.9 billion the government is spending as part of REDSPICE, and those figures combined are still heavily overshadowed by the circa $42 billion cost of cyber crime to the Australian economy.

So, where does this money go? The majority is dedicated to perimeter defences, and to a lesser extent, training, both aimed at prevention. In a home security comparison — we’re talking reinforced locks, alarms, reinforced windows, maybe even some guard dogs to make entry really difficult. Difficult is the optimal word here — home invasion is not preventable, and neither is cyber crime. A report from Cloudian showed 54 per cent of victims had anti-phishing training and 49 per cent had perimeter defences in place at the time of attack.

Backups, which fall outside of perimeter defence and into resilience and recovery in the event of an (inevitable) attack, are another key form of protection. But these are also a key target for cyber criminals so they warrant additional attention. Virtually all organisations back up data, not unlike how consumers use Dropbox, Google Drive or iCloud to back up images, video and documents, but the issue is how they do it.

Many backups can be accessed when attackers gain entry. Hackers can also do things like quietly switch off certain backups and lie in waiting before formally launching a request for ransom, knowing they’ve crippled any means to successfully recover that data.

Many organisations — including a huge proportion of Australian federal and state government agencies — back up data on tape, a technology invented in the 1950s. While it’s advanced since then and is outside the reach of a breach, it can have other issues — tape can be damaged or destroyed, might not integrate with an organisation’s current IT environment, and might take months to actually restore core operational data back into the organisation.

In one example of an Australian university ransomware attack last year, it took around four months to recover most of the data. The idea that any organisation can last this long in 2022 without access to its data crown jewels is absurd.

Data immutability

Fortunately, more modern storage technology can provide ransomware protection and enable fast recovery in the event of an attack, without having to pay ransom. The key to such protection is data immutability — a term that should become part of the vernacular of boardroom and government-level cyber conversations.

Immutability prevents cyber criminals from encrypting, altering, or deleting data. Further, it enables fast data recovery and operations to restart when a breach occurs. It’s like having a replacement of all the important things a criminal could steal from your home within hours of the theft — it’s insurance.

Australia can — and will — spend unprecedented billions of dollars on shoring up security, which is prudent. We must disincentivise cyber criminals as much as possible, and bolstering our cyber posture helps to achieve that.

But we also have to accept that cyber criminals can and will get in. They’re evolving with the times too and getting more creative as we get more defensive. If a business leader doesn’t understand — or their IT or security leaders can’t tell them — where data is backed up and how, whether it’s immutable, or how long it would take to recover in the event of a cyber attack, they’re in trouble.

James Wright is regional director A/NZ, ASEAN and Oceania for data management company Cloudian.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.