Protecting against the evolving threat of hacking Back

​Cybercrime is by no means new. But now, attackers are getting even more sophisticated – targeting operational technology (OT) infrastructure. From tampering with production lines to meddling with water treatment plans, these attacks can have grave consequences.

This certainly contributes to organisations feeling unconfident in their systems' protection, and many unsure their data breach response plan meets requirements.

Here's what you need to know to keep your council, staff, and community safe.

Cybercrime has expanded into new territory

Until now, cybercrime has predominantly encompassed social engineering and ransomware attacks.

Indeed, the recent hacking of one of Australia's biggest media companies, Nine Entertainment (which disrupted Nine's systems for approximately 24 hours) bore all the hallmarks of ransomware.

These incidents are essentially privacy breaches, where hackers acquire internal data – such as records, employee information or business secrets. Although they're messy and costly to remedy, the path of destruction generally ends at the organisation's front door.

But now, hackers are using software not just designed to steal data, but to infect entire operational systems.

These sophisticated attacks on infrastructure can have significant safety, social, and economic consequences – that extend beyond a business and into the community.

What do these attacks look like?

We can see the disruption these attacks pose by looking at some recent examples.

In June 2020, a cybercrime was performed against Israel's water supply with attackers attempting to increase chlorine levels and poison residents.

Although the attack was unsuccessful, it had the potential to shut down the pump and leave thousands without safe water during a heatwave.

Around the same time, global auto manufacturing giant, Honda, had to close its doors for a day – due to a virus infiltrating its computer networks. Hackers affected its inspection system, a vital tool used to safety-check cars. Production factories in India, Brazil, Turkey, Japan and the US were all impacted.

Only a few days ago, an oil and gas pipeline in the US was impacted by a malware attack, which disrupted supply.

Systems most at risk

The types of systems at risk from hacking are diverse.

Essentially, the most vulnerable systems are those where malfunction would create disturbing consequences – such as physical harm, a horrific fire, or environmental destruction. These include:

  • Fire safety equipment
  • Security systems
  • Transportation systems
  • Scientific equipment
  • Remote monitoring
  • Lighting controls and energy monitoring
  • Equipment sensors

What can your council do to protect itself?

Luckily, we haven't seen these attacks in local governments in Australia yet. However, with the escalation of such crimes internationally, we need to be wary.

WA local governments are becoming more aware of the risks and developing control environments. The recent report from the Office of the Auditor General, Local Government General Computer Controls, found various areas with opportunity for improvement.  

Here are some best practices to reduce attacks and protect your local government:

  • Implement secure remote access methods
  • Use network segmentation and apply firewalls between critical networks and systems
  • Ensure your organisation and its vendors have clear responsibilities for addressing cybersecurity risk through the OT lifecycle
  • Keep an inventory of operational systems and remove exposure of these systems to external networks
  • Use strong passwords and multi-factor authentication or privileged access management solutions
  • Implement threat intelligence feeds from your OT vendors to stay on top of new risks
  • Enforce strict policies on mobile devices connecting to OT systems or network zones
  • Establish an employee cybersecurity training program
  • Develop a Business Continuity Plan to prepare for a significant disruption

For more information, please contact the LGIS risk and governance services team on 9483 8868.