Aussie spooks warn of state-sponsored online attacks during G20
Attendees at global gabfest to be hit with phishing, poison USB sticks
Australia's top spy agency has warned of 'real and persistent' threats to organisations, agencies and individuals linked to the G20 leaders conference in to be held down under next week.
The advice issued by the Australian Signals Directorate (ASD) warns that large diplomatic and defence conferences attract attacks such as malware-laced phishing emails, social engineering and the handing out of infected USB sticks.
In a document plainly named G20 Cyber Security Advice the agency warned that government classified and unclassified documents were of value to attackers.
"Targeting of high profile events such as the G20 by state-sponsored or other foreign adversaries, cyber criminals and issue motivated groups is a real and persistent threat," the agency wrote.
"The information contained on government systems, whether classified or unclassified, is of strategic interest to cyber adversaries.
"Information gathered through cyber espionage can be used to gain an economic, diplomatic or political advantage."
The agency cited diplomatic spoofed phishing attacks targeting Australian Government agencies linked to the Asia-Pacific Economic Cooperation in July last year, and governments linked to the Association of Southeast Asian Nations in November 2012.
It also said Australia would come under increasing attack as part of it chairmanship of the G20 conference.
"Australian networks will consequently become a more attractive target for cyber espionage or attack," the agency said.
Government agencies would do well to put in place a social engineering education scheme, involving internal phishing campaigns to identify and assist those staff who prove vulnerable to such attacks.
Agencies and organisations should also tackle the Directorate's Top Four security controls including application whitelisting, application and operating system patching, and a reduction of administrative privileges.
These could help G20 malware from executing and exploiting known vulnerabilities to hand attackers a foothold into organisations.
Personal devices that connect to enterprise networks or contain corporate data including work email accounts would also be attractive attack vectors. ®