51 critical infrastructure organisations breach in 2012: report

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.scmagazine.com.au/News/333541,51-critical-infrastructure-organisations-breach-in-2012-report.aspx

A new report has found fifty one critical infrastructure operators in
Australia have been breached in the last year with nine losing
proprietary information.

The Cyber Crime and Security Survey Report (pdf), commissioned by CERT
(Computer Emergency Response Team) Australia and authored by the
Centre for Internet Safety, received 255 responses from organisations
operating systems of national interest. The organisations came from
sectors including energy and water utilities, defence, communications
and finance.

Ten of those breached organisations had experienced more than 10
breaches in the last year.

Most breaches were due to theft of devices, automated hack tools,
software vulnerabilities, and mis-configured operating systems,
applications or network devices.

Twenty two breaches were caused internally, the same number as those
which reported attacks to police.

Ten kept the incident quiet "because of the fear of negative
publicity" and 36 did not think the attacks warranted law enforcement
investigation.

Of those organisations which reported breaches, eight claimed the
incidents were not investigated, ten did not know the outcome of an
investigation, and four reported a person was charged as a result.

Most surveyed organisations had standard security technologies in
place while 153 had intrusion detection systems. Two-thirds possessed
documented incident management plans, but only 31 had forensic plans
in place.

Half of the organisations increased security spend over the last year
and considered attacks against them to be targeted.

Most respondents from the energy, water and transport sectors said
they were part of the Federal Government's Trusted Information Sharing
Network (TISN), housed within the Attorney General's Department
alongside CERT Australia.

The TISN was a platform for organisations of national interest to
share information about their networks with the agency under
non-disclosure agreements in return for non-public security
intelligence. The initiative aimed to provide the Federal Government
with good insight into potential vulnerabilities into critical
infrastructure networks, and to make operators more resilient.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.