In light of the recent data breaches on organisations such as Optus and Medibank, Australian cyber security experts are warning that the digital space is seeing rapid commercialisation of cybercrime-as-a-service (CaaS).
Sophos CEO Kris Hagerman has revealed that cyber space is becoming a highly lucrative and organized business where cyber criminals can attack institutions regardless of their knowledge of computer programming.
“What we’re essentially seeing are cybercrime-as-a-service operations,” he said.
CaaS is an organized business model where hacking tools and services are being sold or loaned in the dark web, making it accessible to those who want to launch a cyber attack even without programming knowledge.
According to Head of the Australian Cyber Security Centre Abigail Bradshaw, CaaS makes hacking tools and services available to a wider network of nefarious criminal elements.
“The availability of these tools and services means individual actors are not required to be an expert in every component of a criminal operation,” she said.
“In effect, what we are seeing is cybercriminals outsourcing elements of their operations, and a growing black market is serving their needs.”
CEO Hagerman says some nations have developed their own notable style of cyber attacks. He then suggested establishing an Interpol for cybersecurity for global protection from cyber attacks.
He also states that it was incredibly common for companies and governments not to get the basics when it comes to cyber security, suggesting that organisations should bring in cyber security experts to harden up their cyber defences.
“You need a driver-assisted security operation centre who are full-blown experts but unfortunately, there’s an acute shortage of those people,” he said.
“In fact, a recent study found there are 3.5 million unfilled open roles in cybersecurity globally.”
In the recent annual cyber threat report from the ACSC, Australia has been seeing a rise in malicious cyber activity.
Deputy Prime Minister and Defence Minister Richard Marles states that too many Australians have felt the impacts of cyber crime as threat actors continue to find innovative ways to deploy online attacks.
Minister Marles, however, states that increased collaboration across industry, small businesses, and government will help in pushing back against the rising cyber threat environment.