After Scott Morrison recently warned Australian businesses to be on alert for potential cyber attacks following Russia’s “invasion” of Ukraine, Momentum Media sat down with MAJGEN (Ret’d) Dr Marcus Thompson to discuss how they could buffer themselves against any threats.
Dr Thompson recently appeared on the Cyber Uncut podcast with co-host Phil Tarrant, Momentum Media director – defence, security and aerospace, where he referred to his op-ed in The Australian Financial Review to draw attention to how Mr Morrison himself warned Australian businesses about potential reprisals from Russia in the form of cyber attacks.
The warning, which came after a meeting of the cabinet’s national security committee recently, followed Australia imposing a suite of measures against Russia including economic sanctions, travel bans on key Russian officials, and restrictions on the movement of money.
While it could be tempting to remain complacent due to a failure to recognise the level of threat and Russia’s extensive cyber capabilities, Dr Thompson urged professionals serviced by the Momentum Media brands to heed Mr Morrison’s warnings.
“I mean… before he was invited for questions, he took time out to warn the nation of the potential for cyber attacks as a reprisal against Australia for those sanctions,” Dr Thompson said in the podcast.
“[The threats] should not surprise anyone. The Russians are masters of information warfare, and there's been so much written and talked about in the open source and books, and articles and magazines, and whatnot, just about the Russian approach to information warfare, which of course includes cyber. The Russians have been masters in information warfare for decades, if not centuries.”
The spread of fake news
While Russia has carried out psychological, information, and deception operations for years (now commonly known as fake news or disinformation), what is new is the speed and scale at which these activities could be conducted because of the ability to do it in and through cyber space, Dr Thompson warned.
When asked by Mr Tarrant whether the threat stems from Russian state-sponsored cyber activity or from proxies, hackers and cyber criminals, Dr Thompson responded that it is difficult to distinguish between the two but warned that their objectives could be identical.
“There have been media reports over the past 15 years of Russian cyber criminals being used to advance Russian national interests in an attempt or in an apparent alleged attempt to be held at an arm's length from the actual government,” he said.
“But make no mistake, their objectives are identical, and with a very capable or a high-quality capability that is real, that is active, and can do serious harm to your business.”
While being an isolated island could have worked in Australia’s favour against other types of attacks, it is of little consequence in this instance because most businesses operate online, have an IP address, and as such, are not immune to cyber attacks.
What can you do about it?
The good news is there are measures businesses could employ to bolster their cyber security posture, and prevent or minimise the impact of any incident, especially those in critical infrastructure.
“It behoves Australian businesses just to be thinking of it…” Dr Thompson emphasised.
“The time to be preparing for any reprisals is before the reprisal. Not during any subsequent attack or incident.”
For example, businesses could patch their systems, and update their hardware and software and security measures.
In addition, identifying vulnerabilities that a threat actor could exploit could allow businesses to close those gaps, including in their supply chain.
“With everything just so globally connected now, and especially with all of the global supply challenges that we’re all experiencing at the moment in the wake of the pandemic, where might you be vulnerable both internationally and domestically?” Dr Thompson questioned.
Businesses could also design and revise their business continuity plans, and incident and crisis management procedures, while ensuring that decision-making authorities and delegations are understood by everyone, including those in the supply chain and third-party providers.
Foster a cyber-aware culture
Likewise, building a robust security culture is critical in a business, as is educating team members on how to monitor for suspicious activity or avoid clicking on phishing emails that could provide attackers with easy access to confidential information in their systems.
When asked whether speaking to staff about imminent cyber security threats would spur fearmongering, Dr Thompson dismissed the notion and instead pushed business owners to educate everyone about cyber security threats.
“This culture, this awareness of the cyber security threat is part of that self-defence, which is that first layer of protection that any organisation can be considering,” he said.
“Over the past couple of years, sensible businesses have been having sensible conversations about protecting themselves from COVID-19, and the variants thereof, and all of the appropriate mitigations and preventions being in place. This is just another concern or challenge that businesses need to be considering, and to adopt measures to protect themselves.”
Importantly, Dr Thompson advised businesses to follow the Australian Cyber Security Centre, subscribe to their threat updates, and sign up as a partner to receive updated “contemporary” information that the centre releases publicly.