Australian businesses warned to prepare for cyber-warfare attacks

Dr Thompson said that Russians have been “masters in information warfare” for decades and have also been conducting these activities through cyber space for quite some time.

“[In] 2007, when the Estonians relocated a Russia Soviet-era grave marker, known as the Star of Tallinn – as in Tallinn, the capital city of Estonia – Estonia was subjected to some crippling denial of service, distributed denial of service attacks, DDoS attacks that targeted their parliament, government ministries, banks, and some other civilian targets,” Dr Thompson told director of Defence Connect Phil Tarrant.

“[In] 2008 when Putin annexed South Ossetia, the fight with Georgia that went for about 12 days, information warfare techniques were used extensively throughout that 12-day conflict and subsequently, in an effort to justify the actions that Russia had taken.”

Dr Thompson said Australian businesses should therefore be heeding the recent message from the Prime Minister to prepare for potential reprisals from Russia.

Businesses, he said, should be thinking about cyber security now and what might be necessary to prevent, minimise or respond to any incident directed at them.

“At the end of the day, the time for preparation is before, not during an attack or an incident. So, patching systems [...] so that your hardware and your software has the latest updates, and therefore the most recent security measures applied. Close the gap on any vulnerabilities that could be exploited by a threat actor. Be thinking about where you might be vulnerable, including into your supply chain,” warned Dr Thompson.

“With everything just so globally connected now, and especially with all of the global supply challenges that we’re all experiencing at the moment in the wake of the pandemic, [think about] where might you be vulnerable, both internationally and domestically.”

Business owners, he said, should also be looking at their business continuity plan and their incident management or crisis management procedures.

Dr Thompson also stressed the importance of workers being on the lookout for suspicious activity such as phishing emails containing links that give attackers easy access to systems.

He also discussed the importance of staying up to date with the Australian Cyber Security Centre.

“Subscribe to their threat updates, sign up as a partner so that you’re getting the most recent, current, contemporary information that the Australian Cyber Security Centre can publicly release,” he said.

It is also important to be conscious of what is posted on social media, Dr Thompson warned.

“What is being released to the internet that can be gained by anyone with an internet connection about our business and our workforce? A professional threat actor [...] with a targeting mindset can take all of that information, turn it around and use it to come back at us. How vulnerable are we? What are we posting? And what is our organisational social media policy?” he said.

“Are we happy that someone is presenting on Twitter or Instagram or Facebook as being an employee of ours and then talking about where they work, their pattern of life, when they arrive at work, when they don’t arrive at work, what they’re doing at work and what’s happening inside the walls of the business? Are we happy about all of that?”

You can listen to the full podcast here.