Cyber warfare is here: CSU expert


Monday 15 May 2017

Assoc Prof Tanveer ZiaA cyber security expert at Charles Sturt University (CSU) believes the future of cyber warfare is here after the global 'malware' attack.

Associate Professor Tanveer Zia, from the CSU's School of Computing and Mathematics, said the massive cyber attack over the weekend is a true example of the future of cyber warfare. 

"Imagine a nuclear bomb is stolen from a highly protected government facility and used against the governments and public," said Professor Zia.

"This is how the attack emerged last Friday when hackers used stolen malicious software, or 'malware', from the US National Security Agency to infect thousands of computer systems in nearly 100 countries, including Russia, Ukraine, Spain, the United Kingdom (UK) and Taiwan. 

"High level targets have included the National Health Service in the UK and Scotland, Spanish telecom Telefonica, Portugal Telecom, Russia's telecom Megafon and Interior Ministry, and FedEx in USA.

"Dubbed as the biggest cyber attack in history, the scale of the event is still being assessed. However, to date the attack has cancelled medical operations and diverted ambulances in the UK and Scotland; infected 85 per cent of Telefonica computers and caused its Spanish employees to shut them down; interrupted operations in Megafon call centres; and infected around 1 000 computers in Russia's interior ministry."

Malware screenThe malware, titled 'WanaCryptor' or 'WannaCry', is a ransomware which locks a system and demands money in cryptocurrency Bitcoins to unlock the 'hostage' system.

"The software acts as a 'worm'. It exploits vulnerabilities in operating systems and spreads through networks," Professor Zia said. 

"While few attacks have been reported in Australia, the risk is still there and our cyber security agencies need to remain vigilant.

"This is a wake-up call.

"As we adopt the so-called 'Internet of Things' (IoT) to develop smart cities, smart healthcare and smart industries, where every electronic device will be connected to the internet, similar attacks become a bigger threat.

"Despite the many security measures in place, these breaches will increase in frequency. For example, computer giant Hewlett Packard reported that 84 per cent of people using IoT have already experienced a security breach, with 93 per cent of business executives expecting breaches in the future."

Professor Zia recommends that to protect systems, computer users must have the latest operating system upgrades installed on their computers. 

"If you are still using outdated operating systems such as Windows XP, they are more vulnerable to malware attacks. Even more recent operating systems are susceptible – only last March Microsoft released a new security 'patch'," he said.

"Upgrading individual machines or those in small organisations seems a simple task. It becomes administratively more complex when there are thousands of machines involved, connected to national systems.

"This makes us all responsible for global cyber security."


ends

Media contact: Wes Ward, 0417 125 795

Media Note:

Associate Professor Tanveer Zia is currently a visiting Professor at the Center for Cyber-Security, Information Privacy, and Trust (LIONS Centre) at the Pennsylvania State University, USA.

Associate Professor Zia is in CSU's School of Computing and Mathematics in Wagga Wagga. He is a researcher in biometric security, cyber security, IoT security, cloud computing security, information assurance, protection against identity theft, trust management, and forensic computing.

For interviews with Associate Professor Tanveer Zia, and sample screen shots of messages caused by the malware attack on compromised systems (courtesy of @malwarehunterteam and gizmodo), contact CSU Media. He will be available for online interviews via Skype from USA tomorrow, Tuesday 16 May, between 10am and 12noon.