Information Security Threats in Australia

Question: Describe about the Information Security Threats in Australia. Answer: Virus A computer virus is a type of program written in malicious code, which spread from one host to another host and often replicating itself. It operates in the same way as that of a flu virus. The virus cannot spread unless it is attached to a document or file, especially if it supports macros, to execute its codes. In the process of replicating the virus can often corrupt data or damage critical system files (Zhu, Yang and Ren 2012). The disturbing and devastating things a virus can do are taking over the machine, spamming email contacts, corrupting files, logging keystrokes, and stealing data or passwords. To protect a system and its files from infecting with viruses, an antivirus program such as Avast, Norton, AVG or Kaspersky can be used. Alternatively, Internet Security Suite can be used for those system requiring the need to go online; Different Internet Security suites are Bitdefender Internet Security, Kaspersky Total Security and Avast Premier (Us.norton.com 2016). A new type of virus emerged in 2015 known as the Cryptolocker virus, which hijacked the entire computer or encrypted user's documents and system files and demanded money to unlock them. Australians paid thousands of dollars to hackers residing overseas to get rid of the Cryptolocker virus, which is also dubbed as ransomware. In its current form, the encryption set by the virus is unbreakable (ABC News 2015). Trojan As stated by Abuzneid et al. (2015), a Trojan horse or Trojan is a type of malware that can gain access to a computer system by disguising itself as legitimate software. Usually, hackers and cyber-thieves try to gain backdoor access to the system and steal sensitive data. Trojans often trick the users by some form of social engineering to load into the user's system and then execute malicious codes. Trojans often disrupt the performance of computer networks and computers. Trojans can copy, modify, block or delete data. Trojans do not replicate themselves, unlike viruses. There are various types of Trojans including Trojan-SMS, Trojan-Ransom, Trojan-IM, Trojan-GameThief, Trojan-FakeAV, Trojan-Dropper, and Trojan-DDoS among others (Usa.kaspersky.com 2016). In February of 2016, a Trojan virus played havoc with the communications networks of the Australian Parliaments building and made it impossible for some operations to be carried out. Soon after the problems began, internet and phone networks were shut down. The MPs of the Parliament were sent a notice that phones and computers were isolated as a precautionary measure after the Trojan virus hit the Parliament's Information Technology. The incident was referred to as first of its kind in recent history (ABC News 2016). Malicious Application Malicious applications or simply malware is a software which harms the information system networks and computer system. They can be in the form of adware, rootkits, spyware, Trojans, viruses or worms. A common application of malware is to add software not approved by the user, delete documents and steal protected data. Spyware monitors internet traffic and track users location, or capture critical information like numbers of credit and debit cards (Niemela and Palomaki 2013). Adware triggers various unwanted pop-ups across the websites the user visit, by acquiring user information from the social network and other websites. Besides using antivirus and internet security suites, malware needs to be installed which will scan and remove the system for any infections found. Hardware firewall found in routers and software firewall provide additional security to the user in blocking these infections (NewsComAu 2016). In March of 2016, a new malware has been released which targets banking apps of major banks of Australia. This software has been social engineered to bypass two-factor authentication and steal credit card numbers and user credentials from infected Android devices. The malware created a fake page within the app which looks similar to the legitimate banking page. After users input their details, the data is then hijacked. National Australia Bank, ANZ, Westpac, and Commonwealth Bank customers are vulnerable to the new malware. The malware infection is easy to spread on Android owing to the open nature of the Android system (Turner 2016). Worms According to Aziz (2013), a computer worm is a computer program which can self-replicate which spreads malicious codes within an operating system. A worm transmits its copy to other devices over the network, creating artificial throttling of the bandwidth and deleting user files and send sensitive data over the internet. It also opens up the possibility of installing backdoors in the system. The way a computer worm is different from a computer virus is that a worm can self-replicate and transmit itself over the network, latches onto a file and exploit vulnerabilities automatically without the intervention of the hacker, which makes it much more dangerous than a virus. The common modes of transmission are visiting infected websites and file sharing networks. To prevent entry of worms, all software installed needs to be updated and patched, and firewall needs to be installed for additional protection (Mishra and Pandey 2014). The first worm is believed to have been programmed by hackers based in Melbourne. Phoenix and Electron are thought to be the two names of the hackers as per federal police reports. It was called WANK, programmed in DIGITAL Command Language and attacked DEC VMS over DECnet in 1989. The affected DECnet network was operated jointly by the Department of Energys High Energy Physics Network (HEPnet) and NASA Space Physics Analysis Network (SPAN) (Applegate 2015). Keylogger A keylogger, often dubbed as a keystroke logger monitor, is a small application or a hardware device, monitors a system for keystroke input from the keyboard as the user types. A keylogger hardware device is a small battery-operated plug which as a connector and is installed on the system and the user's keyboard (Wang 2014). It is usually unrecognizable at first sight since it looks like a normal keyboard plug, which acts a camouflaging mechanism. The logged keystrokes are then saved in a text file and stored in memory of the device, which has to be physically unplugged to access the information. If it is a software, the keylogger records each keystroke as the user types, and upload the data over the Internet (Tuli and Sahu 2013). An attack dubbed as Megacart, adds Javascript to ecommerce sites and many Australian stores have been affected this way. The ecommerce sites that have been targeted are based on OpenCart, Powerfront CMS, and Magento Commerce. This attack collects sensitive customer data as they manually input into payment forms, and the data that are collected includes cardholder name, card expiry date, credit card number and CVC number (BIT 2016). References ABC News. (2015). Australians forced to pay as ransomware virus Cryptolocker is 'unbreakable', expert says. [online] Available at: https://www.abc.net.au/news/2015-08-09/australians-paying-thousands-after-ransomware-virus-infection/6683618 [Accessed 9 Oct. 2016]. ABC News. (2016). Cyber security breach hits WA Parliament communications. [online] Available at: https://www.abc.net.au/news/2016-02-17/cyber-security-breachwa-parliament-knocks-out-communications/7176570 [Accessed 9 Oct. 2016]. Abuzneid, A.A., Gudipati, V.K., Kumar, V., Vetwal, A. and Adeniyi, A., 2015. Detection of Trojan horse by Analysis of System Behavior and Data Packets. Applegate, S., 2015. Cyber Conflict: Disruption and Exploitation in the Digital Age. InCurrent and Emerging Trends in Cyber Operations(pp. 19-36). Palgrave Macmillan UK. Aziz, A., Fireeye, Inc., 2013.Systems and methods for computer worm defense. U.S. Patent 8,516,593. BIT. (2016). Australian online stores caught by keylogger attacks. [online] Available at: https://www.bit.com.au/News/438988,australian-online-stores-caught-by-keylogger-attacks.aspx [Accessed 9 Oct. 2016]. Mishra, B.K. and Pandey, S.K., 2014. Dynamic model of worm propagation in computer network.Applied Mathematical Modelling,38(7), pp.2173-2179. NewsComAu. (2016). Malware attacks Aussie mobile banking customers. [online] Available at: https://www.news.com.au/technology/online/security/sophisticated-malware-detected-that-steals-online-banking-passwords-thwarts-text-authentication/news-story/afa5cf65dfcd350acc069aaf41545e39 [Accessed 9 Oct. 2016]. Niemel, J. and Palomki, P., F-Secure Oyj, 2013.Malware detection by application monitoring. U.S. Patent 8,590,045. Tuli, P. and Sahu, P., 2013. System Monitoring and Security Using Keylogger.International Journal of Computer Science and Mobile Computing,2(3), pp.106-111. Turner, A. (2016). Malware hijacks big four Australian banks' apps, steals two-factor SMS codes. [online] The Sydney Morning Herald. Available at: https://www.smh.com.au/technology/consumer-security/malware-hijacks-big-four-australian-banks-apps-steals-twofactor-sms-codes-20160309-gnf528.html [Accessed 9 Oct. 2016]. Us.norton.com. (2016). What Is A Computer Virus?. [online] Available at: https://us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html [Accessed 9 Oct. 2016]. Usa.kaspersky.com. (2016). What is a Trojan Virus | Malware Protection | Kaspersky Lab US. [online] Available at: https://usa.kaspersky.com/internet-security-center/threats/trojans#.V_m6COB96Hs [Accessed 9 Oct. 2016]. Wang, C.P., 2014.Anti-keylogger computer network system. U.S. Patent 8,726,013. Zhu, Q., Yang, X. and Ren, J., 2012. Modeling and analysis of the spread of computer virus.Communications in Nonlinear Science and Numerical Simulation,17(12), pp.5117-5124.