
Cyber security



Do we rely solely on tech for cyber problems?

Imagine this scenario: 90 per cent of traffic accidents are caused by speeding, so to address the issue all cars must be roadworthy and have airbags installed. Seems straightforward; these are important measures.

But if we're saying that the major issue here is the behaviour of people, how do these initiatives address that?


And yet that is exactly what is happening with cyber security. There's a massive push to implement technical solutions for problems that are largely related to the behaviour of people.


A 2019 report by the UK Information Commissioner's Office found that 90 per cent of data breaches are via people.


Take a bit of unaware, unsuspicious, gullible, helpful and trusting, and lo and behold you have your standard person, ready to be tricked into letting an IT criminal onto your network. Now add to that the fact that we're working from home a lot more on systems that are largely out of the control of IT departments and we've got the perfect storm, ready to be taken advantage of by strategic cyber-criminal groups.


Despite this, SMEs, who make up most of the businesses in Australia and employ the most people, generally spend very little on cyber security, with half of SMEs spending less than $500 on cyber security in the last year.


Cybercrime is a popular and rapidly growing industry too. It's well resourced, easy to get into, and you can work from home. There's good money to be made, too. Not long ago it used to be a question of "if" you'd be breached. Now the unfortunate reality is about "how bad" and "how often".


So how did we find ourselves in this mess? If you talk to people about cyber security, the general perception is that it's a technical issue.


Most people think that technology like Firewalls and Antivirus will keep you safe at home; the government provides us with the "Essential 8", a framework specifying basic technical controls to secure your network; government grants were provided to help companies part-fund enhancements to technical security infrastructure; and IT criminals are largely portrayed as hooded "hackers" artistically injecting code to crack into a network using their malicious technology.


So yes, on the face of it this clearly looks like a technical problem, and spending $500 on technical solutions isn't going to get anyone very far. Even if a company did allocate some reasonable funds, they're still spending money on roadworthiness and airbags, and not watching the speed signs!


The core of the issue is that 90 per cent figure. It is compelling. Yes, there are three aspects to IT security: people, processes and technology. But if we don't address all three areas then we have a weak point.


This is Risk Management 101. Identify the risks, determine their likelihood of occurring and impact, give them a rating, prioritise them, and then address them in order.


So how do we address this focus issue? How are we supposed to win the battle against cyber criminals when we have one hand tied behind our back? A great start would be if messaging from government started to support a more balanced perspective.


That could start with taking the technically focused "Essential 8", and bolstering it with a people-centric section to become the "Essential 9".


This new content could focus on the ABCs of cyber security: Awareness, Behaviour & Culture. That is, make people aware of how they are being targeted, motivate them to change their behaviour, and embed cyber security awareness into the culture of the organisation.


It's really not hard to train your staff and then keep them on their toes by drip feeding short snippets of engaging and relevant cyber security content!


This can then flow into industry compliance frameworks, government resources for business that highlight relative cyber security risks, and it can be a recurring topic when communicating with businesses and the public about cyber security risks.


A great example is the June increase in malicious activity against political and private sector organisations by a sophisticated state-based actor. In a breach it was reported an attacker gained access to systems by targeting people after failing to gain access through technical means. This provided the perfect opportunity to talk about cyber security awareness initiatives as opposed to the usual technical solutions narrative.


As companies start to embrace a culture of cyber security awareness they will naturally gravitate towards more technical controls, hopefully driven by a realisation of the cost benefits that come from breach reductions.


Remember the saying "culture eats strategy for breakfast"? Well cyber security culture will feast on IT criminal strategy if it's done well, and the Government has a great opportunity to drive this change now.

Mike Ouwerkerk




  • 3 weeks later...

Govt report out




we must do more!

The 56-page report calls for increased government investment in the Joint Cyber Security Centre program. Federal agencies spend on average about 6 per cent of their ICT budget on security. Leading jurisdictions, such as Singapore and Israel, spend about 10 per cent.


The panel also said there was a clear need for a mechanism between industry and government for real-time sharing of threat information, beginning with critical infrastructure operators. The government should also empower industry to automatically detect and block a greater proportion of known cyber security threats in real time...


The hacking of 130 high-profile Twitter accounts on Wednesday 15 July is a reminder of the growing importance of cybersecurity in the new digital age. Verified accounts including Jeff Bezos, Bill Gates, Elon Musk, and Barack Obama were targeted and used to post a scam seeking to lure followers into sending Bitcoin to the perpetrators. The majority of companies that are more vulnerable than a US$28bn social networking giant need to take notice. Working from home may increase the likelihood of a cyber breach for many companies, as employees are often working with less than optimal software and using unsecured forms of communication. According to the PwC Global Economic Crime and Fraud Survey 2020, cybercrime is the second most frequent incident of fraud.


It is not just companies that are expected to increase spending in this area. On 30 June 2020, Prime Minister Scott Morrison announced a plan for the nation's largest ever investment in cybersecurity: A$1.35bn and over 500 new jobs over the next decade to enhance the country's cyber security capabilities. The 2019 US President's Budget included US$15bn for cybersecurity-related activities.


BetaShares Global Cybersecurity ETF (HACK) provides exposure to a diversified portfolio of the largest leading and emerging cybersecurity companies in the world. HACK provides a simple and cost-effective method to gain exposure to the rapidly growing global cybersecurity sector.


For full details refer to the detailed report; click on the link to download your copy.



are companies primarily involved in the building, implementation and management of security protocols applied to private and public networks, computers, and mobile devices to provide protection of the integrity of data and network operations.


Investment approach

HACK seeks to achieve the investment objective by providing a full replication of the Index.

The index employs a modified liquidity weighted methodology. Liquidity is measured using the 3-month average daily dollar trading volume of each Index security as of the close of trading on the last trading day in February, May, August, and November. There must be a minimum liquidity of US$1m to be included in the Index. Eligible securities must also be listed as a cybersecurity company as determined by the Consumer Technology Association (CTA) and have a minimum worldwide market capitalisation of US$250m.


Each quarter, the Index is rebalanced such that the maximum weight of any Index security does not exceed 6% and no more than 5 securities are at that cap. Next, any remaining Index securities weighted above 3% are capped at 3%, and the excess weight is redistributed proportionally across the remaining securities.


Seems mainly USA focused. Top 10 holdings:

CrowdStrike Holdings Inc ........ 6.7%
Splunk Inc ...................... 6.3%
Broadcom Inc .................... 6.3%
Okta Inc ........................ 6.1%
Cisco Systems Inc ............... 5.6%
Cloudflare Inc .................. 3.5%
Zscaler Inc ..................... 3.5%
Check Point Software Technology . 3.2%
Akamai Technologies Inc ......... 3.1%
CyberArk Software Ltd ........... 3.1%


  • 2 weeks later...

The cyber strategy announced this week describes the problem we face:

Nation-states and state-sponsored actors seek to compromise networks to obtain economic, policy, legal, defence and security information for their advantage. (They) may also seek to achieve disruptive or destructive effects against their targets during peacetime or in a conflict setting. These actors tend to be sophisticated, well-resourced and patient adversaries whose actions could impact Australia’s national security and economic prosperity.




This sector has got to be in a bubble? Or is the market making up for neglecting cyber security.

compare the recent runs to what was said only a year ago:


Looking at the Australian stock market, though, you would not know that cyber security is a growth business. The ASX does host cyber security companies, but sadly, it is a desert in terms of investment success. Is this because of the technology offerings being lacking in some way, or the relative lack of specialist investors to pick up on the opportunities being presented, and give them some market support and impetus? That appears to be a big problem....


Here are four interesting candidates in the ASX-listed cyber-security world ... but be warned, all of these have severely tested investor patience.

goes to list AR9, TNT, WHK and SEN. Along with VOR, all are up 10 to 20% today. And have been booming for a month or so. With small Market Caps, there was probably no institutional presence on their registries until recently

  • 3 months later...

This is appalling

Fake Zoom invite cripples Aussie hedge fund with $8m hit


A Sydney hedge fund has collapsed after a cyber attack triggered by a fake Zoom invitation saw its trustee and administrator mistakenly approve $8.7 million in fraudulent invoices.


The scam, the latest in a series of strikes by offshore criminal gangs against Australian fund managers, has also ensnared ANZ after the bank failed to stop almost $800,000 being withdrawn from an account linked to the cyber criminals.


Levitas Capital, which traded the so-called fear index in the US, was forced to close due to its largest institutional client, Australian Catholic Super, withdrawing its money after the September cyber attack.


NSW police are investigating the matter as digital crime experts report a spike in attacks on hedge funds and private equity firms this year, as informal checks were weakened due to staff working at home as a result of the pandemic.


"There were so many red flags which should have been spotted," said Michael Fagan, who co-founded Levitas Capital, which had $75 million under management before the attack.


The Australian Financial Review has been told of another fund which lost $25 million in client money from a similar cyber attack, while the trustee for another firm blocked a $1.8 million transfer after the fake invoice was spotted.


Cyber investigators hired by Levitas said the attack was initiated after Mr Fagan or Mr Brookes clicked on a fake Zoom invitation, which triggered a malicious software program to be planted on the company's network. This allowed the cyber criminals to take control of its email system and send off the bogus invoices.


Mr Fagan discovered the cyber attack on Levitas by chance on September 23, when the four-year-old fund was preparing to receive a further $16 million from Australian Catholic Super after a bumper year. ACS declined to comment.


The fund, which Mr Fagan founded with fellow trader Michael Brookes, had risen 20 per cent for the year as its algorithm-based model benefited from the wild fluctuations on global markets.


... By chance on that Wednesday morning, Mr Fagan was in the office early and checked their Commonwealth Bank account only to discover $1.2 million had been transferred out eight days earlier. The company receiving the money, Unique Star Trading, meant nothing to him.


Even more curious was that the money had been transferred to an ANZ account in the south-western Sydney suburb of Bankstown, which the fund had never dealt with previously.


The payment was approved by AET Corporate Trust, Australia's third-largest trustee with $55 billion under supervision, which holds money on behalf of funds like Levitas and is responsible for protecting investors. AET is owned by Sargon, a superannuation services roll-up that was bought by New York financiers this year after going into voluntary administration.


In a statement, Sargon said it was "continuing to investigate the compromise" to determine "how the manual processes required to verify instructions may have fallen down". The company stressed its SargonPay infrastructure remained secure.


Mr Fagan said the payment request was suspicious on many levels and should have been picked up by both the trustee and the administrator, Apex.


"The entire funds management industry relies on a range of important checks and balances to ensure the integrity of the system – in particular the role trustees and administrators are supposed to play," he said. "This is one example of the manifest failure of these checks and balances with dramatic consequences for our business. It makes you wonder where else in the system could this happen?"


Issues that were not picked up included the attached invoice being addressed to Levitas, not the trustee as was required.


It also claimed to be a "capital call", something the fund had never previously requested. Unique Star also had no links or previous relationship with the fund and was not on its supplier list.


The fund administrator, Apex, did call Mr Fagan to verify the transaction, but he was at the gym and said he would call back before approving any payments.


When he returned to the office he emailed Apex but received no reply or call back. The $1.2 million was transferred to Unique Star's ANZ account that day ... September 16.


In the background, the fund later learned, the hackers had sent another email to the fund administrator Apex authorising the transaction, as they had taken control of the hedge fund email system.


Apex said it "strongly disputes claims that insufficient attempts were made to inform the managers of potentially fraudulent transfers". "We have robust internal procedures and controls in place. We are confident that our processes were followed appropriately," it said in a statement.


In a 10-day period after that money was transferred, a Pakistani national, Muhammad Bhatti, walked into an ANZ branch in Bankstown and withdrew $240,000 via a bank cheque.


He also raised another bank cheque for $240,000 from an ANZ branch in Kogarah during this period. One of these cheques was then deposited in a Bank of Queensland account; the other was blocked by Commonwealth Bank, Levitas' bankers.


On September 26, Mr Bhatti left Australia on a Qatar Airways flight, but prior to this he made 64 more withdrawals from the ANZ account totalling about $300,000. These included cash withdrawals from ANZ branches and convenience stores, along with purchases from David Jones and JB Hi-Fi.


In a statement, ANZ said that while real-time payments provided opportunities for criminal elements, it continued to work closely with AUSTRAC, law enforcement and the broader industry to detect, prevent and disrupt serious financial crimes.


A week after the first transaction, another fake invoice was wrongly authorised from the Levitas account. This time $2.5 million was sent to the Bank of China in Hong Kong to a company called Pavelin Limited. Once again, the fund hadn't previously dealt with this company.


The hacker had sent a further email from Mr Fagan authorising the transaction. Neither Mr Fagan nor Mr Brookes received calls from the administrator or trustee to check the transaction.


On the same day, September 22, the trustee received further instructions from the administrator to send $5 million to East Grand Trading at the United Overseas Bank in Singapore. The same red flags were evident on the invoice, but again, no verification calls were made. The money was approved for transfer.


Fortunately, on that same day, Mr Fagan checked the bank accounts, something he would not normally do, as he was waiting for the additional funds from Catholic Super.


On realising more than $8 million was missing, he immediately issued stop orders with a series of frantic phone calls. Since then he has retrieved the $5 million sent to Singapore and the $2.5 million which went to Hong Kong.


But had he not checked the account, or waited even another day, the funds would have most likely cleared both overseas banks and become almost impossible to trace. "We could have lost $30 million," Mr Brookes said.


By the time the pair were alerted to the fraud, the $1.2 million ANZ payment had already gone through... and $781,000 had been taken out of the account by Mr Bhatti.




.... everyone blames everyone else


  • 1 month later...

Cofense founder and chief executive Rohyt Belani told The Australian that spear phishing, using business email compromise (BEC), had cost business more than $US26bn ($34bn) over the past four years, with attacks showing no signs of abating.


Mr Belani said while most companies were running phishing simulation software to train their employees in preventing attacks, a more proactive approach was needed.


“You can reduce susceptibility. But we weren’t quite happy with saying ‘great you brought susceptibility rates down from 45-50 per cent to 5 per cent’ because there is still residual risk and what do you do about the 5 per cent?” Mr Belani said.


Part of the solution was installing a button in Outlook and other email platforms for people to report suspicious emails to aid early detection by cyber security experts. That button now has more than 29 million unique deployments globally, Mr Belani said, and is growing by about 100,000 per week.


“What we found was it is a tremendous source of crowdsourced data on suspicious emails. The challenge is how do you find the needle in the haystack.


“There are a lot of suspicious emails being reported — some benign, some are spam, some are legitimate emails, and then there are the few that are malicious in nature.


“We created a suite of software to help members of security operations teams take this barrage of reports from an organisation and separate the signal from the noise.”


But Mr Belani said even some of the biggest corporations were facing talent constraints in securing cyber security experts, making it difficult to act on the deluge of suspicious email reports — even when they were sorted.


And this is when Cofense went from software developer to a managed service offering.


“It allowed organisations to outsource the problem of detecting phishing attacks that have bypassed their perimeter controls, their gateways … and essentially remove the threat from their environment.


“We’ve done this for about three years in other parts of the world. We started in the US and now have phishing defence centres in the UK, Ireland and India as well. It’s just been a natural progression.”


Stockhead on Cyber and AI (the hot sector for 2021 ?)





Code   Company                 Price (c)   %Yr    Mkt Cap
TNT    Tesserent Limited        33.5       628    $324.2M
WHK    Whitehawk Limited        30         249    $63.4M
FZO    Family Zone Cyber        43         161    $169.6M
FFT    Future First Tech        4.2        148    $23.2M
AR9    Archtis Limited          31         138    $62.7M
5GN    5G Networks Limited      131.5      85     $150.2M
PRO    Prophecy Internation     67         34     $43.5M
ELS    Elsight Ltd              41         10     $57.3M
VOR    Vortiv Ltd               17         6      $23.9M
HWH    Houston We Have Ltd      4.4        5      $11.5M
SOV    Sovereign Cloud Hldg     97         0      $51.4M
PSC    Prospect Res Ltd         13         -10    $43.2M
SEN    Senetas Corporation      6          -12    $67.1M
CPT    Cipherpoint Limited      4.6        -28    $7.3M
SPA    Spacetalk Ltd            10.5       -64    $18.1M
