#cyber attacks#digital infrastructure#Heartbleed#CSIRO#digital security

CSIRO predicts future cyber attacks could cost businesses and governments billions

|May 6|magazine9 min read

In a report presented at CeBIT’s Cyber Security Conference, Commonwealth Scientific and Industrial Research Organisation’s (CSIRO) director James Deverell warned Australia’s digital infrastructure is vulnerable on unprecedented scales.

"The sheer complexity and interconnectedness of different elements of our digital economy means we can expect rapid exponential growth in the number, speed, and severity of breaches — far beyond what any single organisation can tackle on its own,” commented Deverell. “The more we rely on digital services for our basic needs like healthcare and energy, the more drastic the consequences of any breach may be."

CSIRO’s latest report – Enabling Australia’s Digital Future: Cyber Security Trends – once again brings attention to possible security breaches as large as (or larger) than the recent Heartbleed vulnerability. This specific exploit “compromised the core encryption architecture of the internet and was a one of the biggest threats in recent times to the web.”

Read related articles from Business Review Australia:

Although the Heartbleed hole was promptly plugged, CSIRO warns that future hack attacks could lose the digital economy of Australia billions. There are both small- and large-scale concerns in regards to possible attacks. For example, individuals’ tax file numbers or medical record information could be exposed. On a grander scale, defence information could leak, and energy infrastructure could be disabled. A $16 billion defrauding of the healthcare system over the next 10 years is another concern mentioned in the report.

Hackers could use "holes in computer security similar to Heartbleed to shut down energy grids, disrupt public services, and steal vast amounts of private data worth billions of dollars, unless measures are taken now to prepare for such scenarios,” the report stated.

In order to combat future hacking attempts, Deverell and CSIRO’s report call for a collaboration effort between the private and public sectors. As was discovered during the information gathering and containment process of the Heartbleed discovery, collaboration and open disclosure are key when dealing with a breach of this multitude.

Professor Jay Guo, the research leader for Smart, Secure Infrastructure, CSIRO's Digital Productivity Flagship, also encouraged nationwide collaboration. "Instead of being caught up in a digital arms race against increasingly intelligent threats, we need to design our cyber-security approaches to focus on people — anticipating their behaviours and taking advantage of their unique traits. No system will ever be perfect, but we can prevent and minimise the impact of even extremely complex threats by approaching cyber security as a community."