On a global scale, Australia is currently a goldmine for overseas hackers; our vulnerability towards cyber attacks in unquestionable. It seems the international perception of Australia is we have a relaxed attitude to life and therefore a relaxed attitude on cyber security, meaning we are the perfect victim for cyber warfare. In 2016 we saw an increase of hacks and cyber attacks hitting our shores. This has lead to Australian government focusing on the cyberspace security in 2017.

The Australian Tax Office was hit by a DDoS attack (Multiple systems were hit with a Trojan) where visitors were unable to access the website 2 days prior to the cutoff date for lodgement of their 2015 – 2016 returns. Leaving the public with questions but no answers. The ATO announced the cause weeks later due to public uproar and placed the blame on an international cyber attack. The attack left the Australian public questioning on how unguarded we were to cyber attacks and also when would be our next large scale one.

2017 has started with the government’s invest around $230 million in protecting Australia and $1.9 million to Universities to encourage Cyber Security studies. Foreign Minister, Julie Bishop recently appointed Australia’s first cyber ambassador, Dr Tobias Feakin to represent Australia and report any attempted hacks, data breaches or any form of cyber crime to global giants Google, Apple and Microsoft. Google Australia also announced this week they would start hiring more IT security specialists, ethical hackers and security engineers in Australia. Milestone IT has also seen an increase in IT security and network engineer roles come in from our clients.

As we move into an IOT boom this leaves us more susceptible to being hacked. What can we see in the cyber security space for 2017?

The four main hacking groups which are targeting Australia are; issue motivated groups, whose focus is generally for a political outcome, criminals, nation states who seek intelligence or individuals who are looking to harm systems on their own personal accord.

As of the 7th of Feb 2017, the Australian Government has implemented a new policy, which protects Cyber espionage against Australian businesses. This means that if businesses are hacked or an incident takes place they must be reported to the government. The legislation is only affects businesses with an annual turnover of $3 million dollars or more.

This year also sees infrastructure security going to be high on the agenda. The government is clamping down on international investors building infrastructure within Australia. China has invested heavily into Australian companies such as electricity infrastructure, healthcare industry, distribution networks and Internet infrastructure. In terms of the Australian cutting back on foreign investments, they have now brought in legislation that will make it more difficult for foreign investors to buy into Australians business without giving a thorough understanding.

A growing issue will be Ransomware. Which is where malicious software is installed on systems and only deleted after a sum of money has been paid to the attackers. Last year the Bureau of Meteorology was hacked using RAT (Remote Access Tool), the main problem came from the ties that the Bureau had with government organisations such as the Australian Defence Force who used the Bureau’s technology to see weather conditions prior to flying, these were flights carrying the Australian Prime Minister.

Penetration testing will soar as businesses look to test all aspects of server and networks within their company. There is a steady growth in businesses continuing to move over to Cloud Computing, which will allow more access for hackers to enter their systems. As more software and applications are also developed there will need to be tests run on Beta versions of software prior to the release. Companies must be vigilant in testing all areas of access to make sure there are no entry points within their system.

Adaptive Behaviour based security authentication will flourish with Apple already utilising behaviour technologies. Facial recognition security is already being introduced along with fingerprint security. As personal items such as cars are now utilising technologies that involve using software this form of security check will be more common in our everyday lives.

Overall 2017 will bring a lot of changes in terms of securing Australia's Cyberspace. The Australian Government has vowed to increase spending for educating the future workforce and security specialists and also a lot more spending from business in securing their private data.