cybercrime

Australia is currently experiencing a huge spike in cybercrime cases, making it a very profitable market for cybercriminals. Malicious IP addresses, URLs that are obviously suspect, and phishing sites, which were seen to more than treble in 2015, are some of the most prevalent cyber risks in Australia (Maurushat, 2011, pp. 100-110). It was discovered that every day, roughly 2,000 new malicious IP addresses were being produced. Australia is listed as one of the top ten global hosts for cyber-related threats even though it typically only accounts for 2% of all attacks on a global scale.  However, as a result of realizing that a secure and safe online environment greatly enhances trust and confidence and significantly takes a critical role towards establishing an environment that is both stable and productive, Australian government is working towards making sure it achieves a solution to cybercrime through initiating different partnerships, proactive as well as innovative policing (Maurushat, 2011, pp. 100-110).

The government puts across the argument that ICT is clearly a very integral part of the daily lives of its citizens. Despite individuals having a computer at their homes, the use of online banking services or even the receive electricity supplies, the reliance of the community on the technology is greatly increasing. As per the Australia Federal Police, it sees the rising use and the dependence on the technology as one of the key influence when it comes to the domestic as well as the international law enforcement operating setting (Demchak, and Dombrowski, 2011, pp.210-230). ICT have a great effects on the enforcement of the law as a result of the way in which it can be able to facilitate activities that are either lawful of unlawful. To give examples, crimes such as frauds and scams can be significantly facilitated through the use of technology which leads to unique problems towards the old crimes. As a result of the increasing cybercrimes, the responsibility to combat various forms of cybercrime in Australia is greatly shared between the already existing Australian government agencies and states as well as different territory agencies. Government and business are greatly collaborating so that they can achieve the goal of significantly address the issue of cybercrime in Australia considering the huge negative effects that the issue results especially to the economy.

How Government and Business Can Better Work Together Towards Reducing the Risk of Cybercrime.

Currently, the Australian government, as well as the private sectors, are greatly working together with an objective of sharing more information even from the sources that are classified, exchanging different information on threats and also responses through joint cyber threat sharing centers in the major capital cities as well as on the online cyber threat sharing portal (Choo, 2011, pp. 719-731). The major reason as to why both the government and business are required to work together is that, in normal cases, systems that are connected tends to be very complex and are only as secure as the weakest link hence promoting the Australians to join hands so that they can make sure that their systems and also information are clearly among the hardest to get comprised and also make sure that they have the best possible defenses ever in their systems. In order to ensure a better detecting, deterring and also responding when it comes to different malicious cyber activities, there is a very significant need to make sure that cyber threat information is shared in real time between and within the public and private sectors in Australia. In normal cases, both the private and public sector in the country, they both have information that is unique with an objective of contributing to the threat picture (Choo, 2011, pp. 719-731). Realizing that it is only through integrating their knowledge, both the private and the public sectors in the country can manage to comprehensively understand different cyber security threats to the country and how to completely counter them, Australian government and business employ a number of ways in order to achieve its goals.

Ensuring that Roles and Responsibilities of the stakeholders are clear.

Different organizations in the country greatly work towards making sure that there are easy and consistent interfaces with different government agencies when it comes to the issue of cybercrime in the country. A new streamlined government cyber security structure is greatly expected to unite elements that are clearly disparate when it comes to both the policy and operational areas (Ubaldi, 2013, pp. 2-10). For instance, the prime minister of the country is greatly supported by a minister that is given the objective of assisting him/her for the cyber security with the aim being to lead different works of the government in collaboration with the business leaders towards implementing the initiatives.

Also, in addition to the idea of appointing a minister to assist the prime minister on the issue of cyber security, Australian cyber security governance tends to have three coordinated strategic level pillars. To start with, the department of the prime minister as well as the cabinet greatly aims at strengthening its current lead role when it comes to the cyber security policy and also act as the central point in regard to the policy issue towards making sure that there is a simplified government policy interface meant for the different stakeholders (Ubaldi, 2013, pp. 2-10). Here, the department greatly provides an integrated oversight of the government cyber security policy as well as the implementation of this particular strategy. In addition, it also prioritizes different activities of the government that are against the strategy’s national cybersecurity goals.



The Partnership of the National Computer Emergency Response Team (CERT) with Business.

In order to reduce the risk of cybercrime, CERT Australia being a government organization greatly partners with more than 500 business whereby the goal is to offer advises on the issue of cyber security threats to the different owners and operators of the Australia’s critical infrastructure. In addition, CERT Australia tends to work directly with some other computer emergency response teams all over around the globe (Jerome, 2012). As part of their partnership arrangements, CERT Australia employs the move of making sure that it regularly convenes national as well as regional information exchanges with a variety of businesses.

Initiating Of Cyber Security Challenge in the Country.

Australia holds a cyber-security challenge whereby there is an annual cyber security competition meant for the Australian tertiary students which are normally run by an alliance that comprises of the Australian government business, academic as well as different research professionals who are normally committed to offering support to the next generation of the Australian cyber security talent (Channer, 2016, p.41). In the competition, it normally runs for more than 24 hours whereby it simply involves testing of the technical and communications skills for the participants in the process of promoting cyber security careers.

Working Towards Achieving a Better Understanding Costs and Benefits.

Different Australian businesses and governments greatly rely on the statistical data when it comes it the national effects of the cybersecurity compromises which helps them towards making decisions that are informed in the process of managing different cyber risks. Here, the process of data collection measures helps the government of the Australia and a variety of private sector that are alike towards making evidence that is based on investments decisions that address the reality of the cyber security threats when it comes to the Australia’s economy as well as security (Moore, 2010, pp.103-117). In order to enable the organizations to have a better understanding of the effects of the malicious cyber activities. In addition, the government also sponsors research so that there can be a better understanding of the malicious costs in regard to the cyber activity to the economy of Australia.

How Government Protects Its Networks and Information

In normal cases, the government of Australia tends to collect and receive information with an objective of full filling its functions and also expects all those who usually have access or holds this information to make sure they protect it (Lynn, 2010, pp.97-108). Moreover, all the non-corporate commonwealth entities are also required to come up, document, implement as well as reviewing of the suitable measures that can help in protecting particular information from the unauthorized usage or even modification loss or release through the following. Firstly involves initiating the best information security culture composed in an entity. Secondly, it involves the implementation of different security measures that can match the value, classification as well as the sensitivity of the information. Lastly, it involves adhering to all the legal requirements by the government.

To protect its network and information, the Australian governments implements a variety of measures. To start with, when it comes to the process of sharing information, the government requires that all the non-corporate commonwealth entities must make sure that they implement this policy in the process of sharing any Australian government information with some other governments and also different international, educational as well as private sector organizations (Lynn, 2010, pp.97-108). When it comes to these cases, all the entities are required to come up with a variety of arrangements that greatly outlines security responsibilities, different safeguards to be implemented as well as the different terms and conditions meant for the continued participation.

Secondly, all the non-corporate commonwealth entities are greatly expected to make sure that they treat information that is received from some other governments and private sector organization according to the agreements from all the concerned parties.

Thirdly, the government makes sure that all the entities establish procedures of authority that are clear when it comes to the decisions that regard security of the information. All entities are required to have a governing body, committee or a designated individual who are given the responsibility of managing all the entity’s personal information with an objective of making sure that its integrity, security and also the accessibility.

Lastly, the government aims at making sure that there is an effective ICT security that can be able to protect both the computer hardware and also the data that is held by the computer hardware from any unauthorized use, access, damage or even theft. In addition, the ICT security measures are required by the government to make sure that the hardware and also the data that is stored on it remains to be accessible and also useful when it comes to the legitimate users.

Strategies to Ensure Australia is One Step Ahead of the Threats to Government Networks and Critical Infrastructure.

In order to make sure that it is one step ahead of any threats that may be there to the government networks as well as critical information, Australia employs a number of strategies.

Application of Whitelisting.

If correctly implemented, application whistling tends to be a very incredibly effective way of making sure that there is adequate security, stability, and consistency when it comes to the computing environment. The main reason as to why Australian government employs this strategy is that it realizes that through having a computing environment that is well designed and also managed, there are high possibilities to identify each and every executable that requires being allowed to run on a system. The implications here are that when it comes to any unidentified executable, then it can be treated as a suspicious at a minimum level and it should be greatly prevented from running (Eswari, and Babu, 2012, pp. 77-80). Implementing of application whitelisting is greatly associated with a number of benefits as it helps organizations to defeat both unknown and known malicious intrusions. Moreover, it the strategy can help administrators involved to make sure that the computing environment remains in a state that is clearly known which as a result it helps in improving the consistency as well as the stability of the environment.

Minimizing Administrative Privileges

Usually, the strategy of administrative privileges is designed with an objective of allowing only the personnel that are trusted to make the configuration, managing, and monitoring of the computer systems. In normal case, the accounts that are featured with administrative privileges on a system tends to have the ability to virtually make any change to that system and retrieve any information that may be consisted in it (Bleikertz, Kurmus, Nagy, and Schunter, 2012, pp. 83-84). The accounts that have administrative privileges on a windows domain normally tends to have the ability to impact such changes or even see any kind of information that is comprised in any system on that domain.

Patching the Operating System.

In this case, the operating system refers to the core around which the whole computing environment tends to be built. Just in cases, it fails to be stable and secure, then it happens that the other security considerations are in place to a large extent. The precaution being taken here is that, if an operating system is comprised, then any action or information that is being handled by that particular computer is at risk (Bailey, Ceze, Gribble, and Levy, 2011, pp. 2-12). The solution here involves making sure that there is the only usage of the operating systems versions that are updated as they include more protection against any malicious behavior.

Patching Applications.

An application being any software which cannot be counted as a part of the core operating system, then management of patch applications significantly needs to be considered separately to the operating system with the major reason that it may be considerably challenging when compared to the patching of the operating system (Bailey, Ceze, Gribble, and Levy, 2011, pp. 2-12). This is commonly achieved by making sure that most applications have a unique patching methods as well as requirements. The explanation here is that applications are in normal cases a typical explanation vector when it comes to the cyber intrusions for a variety of reasons with the major reason being to overcome any threats to the government networks and critical infrastructure.

Practical Ways to Improve Our National Security

Today, cybercrime is considerably a growing threat that is getting more complex and sophisticated which is making cybercrime related issues very challenging to detect and investigate. As a result, the increase in both the quality and the quantity of the cybercrimes is significantly alarming. As a matter of fact, cybercrime-related issues are ranked the highest threat to our national security not just in Australia but in the whole world. As a result, there are a number of practical ways that can be deployed to improve national security.

Firstly involves raising awareness whereby a comprehensive and sustained national cyber security education is of great essence towards raising public awareness in regard to the risk and effects of cybercrime as well as the need to deploy basic protective procedures on laptops, computers and also different mobile devices (Nagarathna, 2013, pp.78-85). On the cyber security education, it should cover a variety of basics such as using strong passwords, applying different system updates in a manner that is timely and efficient and also learning to avoid clicking on email links or attachments unless one is receiving them from a known sender.

The second practical way involves building an economic framework. Here, one thing that requires being made clear is that the idea of purchasing every new security product is not the answer to fighting cybercrime. The critical thing to make clear is that all businesses at all levels require making investment decisions for the cyber security in a risk management construct that constitutes trying to secure the biggest bang for the buck.

The third way involves leveraging trusted resources. Here, it involves sensitizing people on how to improve their protection profiles in cyberspace which can be achieved by building, maintaining, and updating an online source of information when it comes to all levels of sophistication.

Implementing a response plan is the other practical way to help improve our national security here in Australia. The implementation of a national cyber incident response plan is very significant to the national and also the economic security (Newell, Marsh, and Sharma, 2011). The plan should aim at recognizing the unique nature as well as the risk that happens to be presented by different cyber events and provide a predictable and also sustainable clarity around the roles and responsibilities of different stakeholder at the time of thresholds of escalation.

Risk of Cyber- Attacks in the Public and Private Sectors

Currently, in the wake of the overwhelming cyber-attacks when it comes to the private and public business sector whereby cybercrimes is greatly costing these business sectors which ends up affecting millions of customers in the process. Moreover, the threat of the cyber terrorism is even resulting some business leaders to consider hard backing to a simpler technological era. Some of the common risks of cyber-attacks in both the private and public business sector in Australia comprises of the following:

Financial Loss.

In normal cases, cyber-attacks results to substantial financial loss that greatly arises from the theft of the corporate information, loss of contracts or even businesses, money theft and disruption to the trading whereby there lacks the capability to carry out a variety of transactions online (Watkins, 2014, p.12.). In case a business suffers a cyber-breach, then it is expected to incur costs that are linked to repairing the systems that get effects, devices and also networks.

Reputational Damage.

Trust is greatly considered as an essential element of the relationship with the customer. Cyber-attacks can result in a significant damage on the reputation of a particular business and also erode all the trust the customers of a certain business (Lagazio, Sherif, and Cushman, 2014, pp. 58-74). In turn, this could potentially result in a number of problems which comprises of losing customers, losing sales and also a reduction in the profits.

Conclusion

Cybercrime cases are at a very high rise in Australia which comprises of malicious IP addresses, suspicious URLs and phishing sites which are in significantly increasing. As a result, this has greatly promoted the Australian government and business to join hands with a major objective trying to work better together in order to reduce the risk of cybercrime. To mention some of the ways that are being implemented comprises of ensuring that roles and responsibilities of different stakeholders are clear, a partnership of the national computer emergency response team (CERT) with business, creating of cyber security challenge in the country, and working towards achieving a better understanding costs and benefits. For the Australian government to protect its networks and information, then it requires implementing a variety of measures which comprises of making sure that all the entities establish procedures of authority and an effective ICT security that can be able to protect data in a computer hardware and unauthorized access to data. Strategies to ensure Australia is one step ahead of the threats to government networks and critical infrastructure comprises of application of whitelisting, minimizing administrative privileges, patching the operating system and patching applications. For the practical ways to improve our national security, they constitute of raising awareness, building an economic framework, leveraging trusted resources, and implementing a response plan. Financial loss and reputational damage are the most common risk of cyber- attacks in the public and private sectors.



















References

Bailey, K., Ceze, L., Gribble, S.D. and Levy, H.M., 2011, May. Operating System Implications of Fast, Cheap, Non-Volatile Memory. In HotOS (Vol. 13, pp. 2-12)

Bleikertz, S., Kurmus, A., Nagy, Z.A. and Schunter, M., 2012, May. Secure cloud maintenance: protecting workloads against insider attacks. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (pp. 83-84). ACM.

Channer, H., 2016. A Constructive Contribution to Non-traditional Security Challenges. Mutual Security in the Asia-Pacific: Roles for Australia, Canada and South Korea, p.41.

Choo, K.K.R., 2011. The cyber threat landscape: Challenges and future research directions. Computers & Security, 30(8), pp.719-731.

Eswari, P.L. and Babu, N.S.C., 2012, June. A practical business security framework to combat malware threat. In Internet Security (WorldCIS), 2012 World Congress on (pp. 77-80). IEEE

Demchak, C.C. and Dombrowski, P., 2011. Rise of a cybered westphalian age. Air Univ Maxwell AFB Al Strategic Studies Quarterly. pp.210-230.

Jerome, O.U., 2012. Cybersecurity Law & Regulation. Wolf Legal.

Lagazio, M., Sherif, N. and Cushman, M., 2014. A multi-level approach to understanding the impact of cybercrime on the financial sector. Computers & Security, 45, pp.58-74.

Lynn, W.J., 2010. Defending a new domain: the Pentagon's cyberstrategy. Foreign Affairs, 89(5), pp.97-108.

Maurushat, A., 2011. Australia's Accession to the'Cybercrime Convention': Is the'Convention'Still Relevant in Combating Cybercrime in the Era of Botnets and Obfuscation Crime Tools? , 10(2) pp. 100-110

Moore, T., 2010. The economics of cybersecurity: Principles and policy options. International Journal of Critical Infrastructure Protection, 3(3), pp.103-117.

Nagarathna, A., 2013. Combatting Cyber Crimes-Existing Indian Legal and Institutional Framework. Vidhigya, 8(1), pp.78-85.

Newell, B., Marsh, D. and Sharma, D., 2011. Enhancing the resilience of the Australian national electricity market: Taking a systems approach in policy development. Ecology and Society, 16(2).

Ubaldi, B., 2013. Open government data: Towards empirical analysis of open government data initiatives. OECD Working Papers on Public Governance, (22), pp. 2-10.

Watkins, B., 2014. The Impact of Cyber Attacks on the Private Sector. Briefing Paper, Association for International Affair, p.12.