  • Blog, Security - Written by on Thursday, January 24, 2013 14:38 - 27 Comments

    Debunking the “cyber-security” hype

    blog Prime Minister Julia Gillard has spent much of yesterday and today talking about the massive threat that so-called “cyber-security” attacks pose to Australia, and highlighting how the Federal Government is throwing billions of dollars at the situation. But is the “cyber” threat really that imminent and dangerous? No, according to Crikey correspondent Bernard Keane. Keane has published an extensive, highly referenced article debunking eleven recent “cyber” attacks. A sample par (we recommend you click here for the full article):

    “… it pays to be sceptical whenever politicians, commentators or companies talk about the massive threat cyber warfare poses. To help, Crikey has compiled a reading guide to some of the claims made both about cyber warfare and cybersecurity generally, and to some of the specific incidents that are used by advocates of “cybersecurity” …”

    We don’t always agree with everything Keane writes, but we think he’s nailed it in this article. There is no doubt that attention needs to be placed on the IT security of Australia’s critical infrastructure, and that governments and corporations all around Australia should be doing a better job of securing their IT systems. However it’s very unlikely that Australia is on the verge of a hugely dangerous “cyber” attack. Calm down, people. The “cyber” sky isn’t falling.

    27 Comments

    1. Marcus
      Posted 24/01/2013 at 2:51 pm | Permalink |

      +1.
      what can i say, you’re both right.

    2. Kevin Davies
      Posted 24/01/2013 at 2:53 pm | Permalink |

      Can someone in the security industry please take Renai LeMay aside and have a quiet word with him…

      • Posted 24/01/2013 at 2:58 pm | Permalink |

        Kevin,

        You’ve got evidence which runs contrary to this article? I invite you to present it and I will consider it.

        Cheers,

        Renai

        • Trevor
          Posted 24/01/2013 at 3:25 pm | Permalink |

          Haha calm down Ren, Kevin was attempting to be humorous/sarcastic, his comment being directed at the fact that your article runs contrary to Govt & much private security propaganda/publication on the topic (and justifiably so, too – this is exactly the same kind of sky-is-falling fear mongering that generated the ‘Y2k bug’ nonsense that was one of the biggest orchestrated international rorts by an entire industry that the world has ever seen).

          Seems to me that memories are very short & the usual suspects are at play here with the same tired old tricks, but my money’s on them getting away with it because they always have & the public shows no signs of waking up at this juncture…

          • Woolfe
            Posted 25/01/2013 at 1:48 pm | Permalink |

            Offtopic, but Y2k wasn’t a complete Rort. The biggest concern was what would happen when all the devices and especially the heavy machinery type devices that had chips in them that couldn’t go past 99. That was the real issue. Unfortunately in most of those situations because a lot of the gear couldn’t be tested easily (often the work required to be able to test, was harder than just replacing).

            Home pc’s even most business pc’s etc were not a great concern, that was definitely hyped out of all proportion.

            As it turns out it all went swimmingly anyway. There were a couple of documented failures due to y2k (HSBC lost all its swipe card access or something) and I have no doubt there were a lot of little glitches that just got managed. Now whether that was because it was a “non issue” or because everyone replaced and “fixed” every system is a question only the gods can answer.

            I actually look on Y2k as a major success. There was an issue, and people did something to prevent it, and lo and behold no issue. If only we were so forward thinking about climate change :-)

    3. Kevin Davies
      Posted 24/01/2013 at 3:07 pm | Permalink |

      I am not in a position to do that. For your benefit, have asked. If it does happen, no promises Renai, you will likely not be able to discuss it in other than the most general terms. However you would have a much better understanding of the challenges we face in the cyber sphere.

      • PointZeroOne
        Posted 24/01/2013 at 3:58 pm | Permalink |

        Do you really work in the ‘cyber’ industry and call it ‘cyber something’?

        “oh what do you do for work?”
        “I cyber”
        “erm…you have online sex?”

      • Posted 24/01/2013 at 4:05 pm | Permalink |

        “in the cyber sphere”

        hey Kevin,

        perhaps it’s time to reveal who you are/where you’re employed? I don’t think anyone who works in IT security would refer to their role as being “in the cyber sphere”.

        Cheers,

        Renai

        • Ausgnome
          Posted 24/01/2013 at 4:08 pm | Permalink |

          I often tell people I am a Cyber Programmer or was that Cider Programmer

          • Posted 24/01/2013 at 4:17 pm | Permalink |

            Maybe I should start describing myself as a “cyber-blogger”.

            I can just imagine the reaction that would get every time I called up a government department for a comment.

            • Murdoch
              Posted 24/01/2013 at 4:36 pm | Permalink |

              Are you …… no …. you can’t be …..

              A Cyberman?

              I guess the next question is …. who are the Daleks?

              O wait. That’d be Tony Abbott wouldn’t it?

              CALL THE DOCTOR! WE’RE UNDER ATTACK!

        • PointZeroOne
          Posted 24/01/2013 at 4:34 pm | Permalink |

          He’s CyberMan, defender of the cybers!

    4. PointZeroOne
      Posted 24/01/2013 at 3:18 pm | Permalink |

      ON NOES SOMETHING ‘BAD’ HAPPENED ON A PIECE OF TECH

      CYBER CRIME!!!

      • Hubert Cumberdale
        Posted 24/01/2013 at 4:14 pm | Permalink |

        yep, pretty much, it’s always easier and more convenient to blame those “evil hackers stealing my megabytes” lol… of course those with an interest need to overstate the severity to keep themselves relevant.

    5. Ausgnome
      Posted 24/01/2013 at 4:06 pm | Permalink |

      After reading this. I am not sure if I should be laughing or Crying

      or both

    6. Posted 24/01/2013 at 4:07 pm | Permalink |

      We must fear all cybers. For they will cyber us with their cyber-ey things.

      The FUD and extensive bollocks perpetuated by those in this industry was the reason my time in it was limited. Yes, there are attacks. Yes, people have data stolen or compromised. Yes, both state and non-state actors are involved. Yes, attention needs to be paid and dollars spent.

      But lots of yesterday was hype. As is a significant part of what we hear from government and the media.

      It remains the fact that the greatest risk to corporate and government secrets is the compromised or disaffected insider walking out via the front door with photocopies or a USB stick full of information.

      And, for individuals, low-quality passwords, easily guessable, and overly-linked data are the wide-open front door to messing with your reputation and money. For those unsure, see Wired’s extensive coverage of Mat Honan’s very messy story – http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/

      • SMEMatt
        Posted 24/01/2013 at 5:49 pm | Permalink |

        How could that happen I thought all apple products are safe from hackers.

        • Tom
          Posted 24/01/2013 at 6:20 pm | Permalink |

          They are!

          Apparently third-party cookies are unsafe, unless you’re using Safari on OS X, in which case you won’t get your viruses from third-party cookies…

          :|

      • Dan
        Posted 25/01/2013 at 9:54 am | Permalink |

        Modern ‘photocopiers’ can be made to prevent the disclosure of sensitive information. Remember it’s just a digital scanner on top of a laser printer, so a second set of ‘eyes’ can “big-brother” anything happening on the device.

        Also, the sensitive government departments use terminal services with USB devices denied access by policy enforcement.

        You would really, really have to go to some lengths to steal that sort of information these days, which beggars belief as to how the whole ‘cable gate’ affair was executed.

        • Posted 25/01/2013 at 10:01 am | Permalink |

          Dan, what they *can* and do do are two separate things. I’ve worked in highly secure environments in recent times where not only are photocopiers not controlled, they are still rigged as faxes as well, against DSD advice.

          So too, USB. I’ve worked many places where they’re switched off at hardware or hot-glued. Doesn’t stop people invoking Gilmore’s Law when they need to.

          When need meets motivation, shit gets done.

          • Trevor
            Posted 25/01/2013 at 12:05 pm | Permalink |

            I think this highlights a huge problem in IT security worldwide, but is particularly prevalent in Australia – if you want to secure your systems, you need to think and act like someone throwing everything they’ve got at compromising them. The best way to do this is often to employ hackers to do penetration testing, or at the very least developing these skills in-house. Unfortunately Australian law, government and industry prefer to deal with this issue by criminalising any and every part of it (including hacking for ‘legitimate’ purposes) and then burying their heads in the sand in the hope that somehow by ignoring it they have solved the very problem they are avoiding.

            Much like bankruptcy, Australia needs to grow up and embrace ethical hacking as a legitimate and fundamental step in protecting and securing their IT systems. I’d go so far as to suggest thorough penetration testing be a mandatory legal requirement for any company entrusted to securely store customer/citizen records. To do less is to fail in your duty of care to protecting the privacy of your customers.

    7. Soth
      Posted 24/01/2013 at 5:27 pm | Permalink |

      That person whose NBN gigabytes were hacked caused this sudden knee jerk reaction didn’t it! :)

    8. Joe
      Posted 24/01/2013 at 6:10 pm | Permalink |

      I saw a documentary the other day called “Skyfall” and OMG it’s so scary what is happening in the cyber space!!!
      Julia is right, more money spent on cyber safety will make our lives much better. Also we should start investing in prevention of Y3K bugs. My precise calculation, our whole GDP spend on that will make us totally safe. :-)

    9. Paul Krueger
      Posted 25/01/2013 at 11:29 am | Permalink |

      The problem is that anyone who could give accurate advice on the danger would most likely be employed in the Industry, with much to gain from increased spending.

      Having said that… I think that the biggest loss caused by a “cyber attack” last year was the data that Millions of people lost when the United States shut down megaupload with no respect for the legitimate data stored there.

      The problem with data, be it photos or business records is that the effort involved in deleting it is so small compared to the effort to create it.

    10. Woolfe
      Posted 25/01/2013 at 2:01 pm | Permalink |

      I would suggest this is being pushed by the US. I am in a US company that has in the past few years had some issues that resulted in DHS and FBI getting involved. This company does a certain amount of business with a certain large Asian nation.
      We are now going through absolute ridiculous measures in regards to “cyber security”, and it is quite hush hush as to why in the upper echelons. So much so that I have been told not to ask. Which is surprising as whilst communication is a major fail here, if you ask the right people you can find out what you want usually.
      Bearing in mind this company I am in, is not defence or technology related in any way, nor do they do any particular amount of research etc. It is a Primary producer who sells a single product. So any espionage type actions would at most affect the financial well being only. (which could be considered enough in many ways, but still)

    11. Kevin Davies
      Posted 28/01/2013 at 8:59 am | Permalink |

      Interesting… http://www.smh.com.au/it-pro/-2delw.html

      Keep the cyber jokes going guys… I am sure humor will protect you.

    12. Kevin Davies
      Posted 09/02/2013 at 7:51 pm | Permalink |

      So Renai, what will it take for you to treat these threats seriously? A government institution, oh hang on I have something here for you…

      http://www.smh.com.au/it-pro/security-it/criminals-breach-australian-tax-system-20130208-2e2kn.html

      And the hits just keep on coming.



