Top cyber cop warns of increasing digital attacks
ONE OF Australia's top cops fighting cyber criminals warns digital attacks are increasing as authorities struggle to monitor "the tip of the iceberg".
The comments by Queensland Police Service Detective Superintendent Brian Hay follow a suite of attacks on Commonwealth websites.
Det Supt Hay leads the state's fraud and corporate crime squad and chairs the Australia New Zealand Police Advisory Agency on electronic crime.
Last week, Federal Government agencies including the Reserve Bank of Australia, Australian Federal Police and Crime Stoppers were each infiltrated by hackers purporting to be from Indonesia.
In each instance, the apparent culprits claimed their acts were in retaliation for Australian spying on Indonesian President Susilo Bambang Yudhoyono, his wife and inner circle in 2009.
The AFP earlier this week confirmed it was investigating recent attacks on Australian Government sites.
Queensland University of Technology information security expert Dr Ernest Foo said more attacks on Australian sites appear to be coming from Indonesia, as diplomatic tensions remain high.
"There has been an increase since the whole Indonesian spying thing has happened," Dr Foo said.
While government sites may be an obvious target, there is a trend of hackers quietly laying siege to Australian corporations.
Dr Foo said a skilled or well-resourced hacker could potentially access any company connected to the internet, they just needed to uncover a single weakness.
Brisbane-based AusCERT specialises in responding to and preventing these attacks.
Information security analyst Marco Ostini agreed with Dr Foo, warning businesses could be threatened with "ransomware".
Infiltrators steal critical information then blackmail its owner with the threat of either destroying or releasing the data.
If digital marauders want to cause a disruption or vandalism to a website, this can be spotted almost instantly.
For hackers willing to play a longer game for critical information, they could spend eight months before triggering a response.
In one example from travels deep into the "darkweb" or hidden internet, Det Supt Hay said he found a site offering "award-winning Australian engineering firm's data for sale".
"We probably have a number (of companies) compromised in cyber attacks that don't know it yet," Det Supt Hay said.
With many attacks originating from overseas, the chances of securing evidence let alone a conviction is slim.
Private teams of computer experts are often better-funded, better skilled and given better research than authorities.
Regardless, Det Supt Hay said a blossoming relationship between industry and police could help fortify Australians from these attacks.
"In the future, the most effective formula for combating cyber crime would be a partnership of industry, government and law enforcement."