December 2018 - Blutone Technologies


  • TOLA and CIMA: Is Your Data Safer Now?

    18 Dec, 2018

    Last week the Australian government released its first Cyber Incident Management Arrangements report. Just days earlier, the TOLA anti-encryption act passed both houses of Parliament, despite strong public and tech industry opposition. What’s the key takeaway? Understanding your personal and corporate cyber security risks is more important than ever.

    First, let’s look at why the TOLA Act (Telecommunications and Other Legislation Amendment) is so unpopular. Its goals are laudable – certainly catching child abusers and stopping terrorist threats are important to the country’s physical security. Perhaps the risk of opening an encryption back-door is a price worth paying, and the government has offered explanations to “myth-bust” (https://asd.gov.au/speeches/20181212-tola-act-statement.htm) this new legislation.

    The bottom line, however, is that opening a back door to data encryption not only allows government agencies access, it potentially allows hackers access to operating systems. Like most cyber threats, the question is not if a breach will occur because of this new policy, but when. Let’s look back at the WannaCry ransomware attack. The vulnerability that allowed WannaCry access was discovered by the U.S. National Security Agency, but was not reported to anyone in private sector information security. Instead, they developed code to exploit the vulnerability, and that code was stolen by a hacking group.

    This brings us to CIMA (Cyber Incident Management Arrangements). This report outlines how to coordinate government responses in case of a national cyber incident. Each governmental entity is developing specific protocols for incident management. A national cyber incident is defined as one that “significantly impacts… multiple Australian jurisdictions.” This could include malicious activity, a large-scale information breach, or the compromise of the system of a major public or private organisation that operates across multiple jurisdictions.

    CIMA includes specific information about how a national cyber incident would be declared and designates the National Cyber Security Committee as the body to manage response efforts. The responsibilities of various levels of government are also outlined.

    One of CIMA’s principles is shared responsibility, which “extends to business and the community, including small, medium, and large businesses, which are responsible for maintaining their own cyber security.”

    If you are not certain about your personal or business cyber security, it’s time to learn more about My Personal Helpdesk. We offer a number of flexible membership levels, along with concierge computer services. If you want to secure your business operations, just get in touch and we’ll consult with you to give you the 24/7 coverage you need.

  • What You Can Learn from the Starwood-Marriott Breach

    04 Dec, 2018

    Last month a massive worldwide data breach was revealed – Starwood-Marriott hotels exposed half a billion data-rich records in one of the largest incidents ever, in any industry.

    While this may be the largest hospitality breach, it is certainly not the first. Let’s review the past several years:

    • March 2015: Mandarin Oriental Hotel Group confirms its hotel database has been breached.
    • October 2015: The Trump Hotel Collection admitted to a year-long credit card system breach – one that had been suspected and reported on by outside security experts, but took several months for the company to acknowledge.
    • November 2015: In what was perhaps an episode of foreshadowing, Starwood announced the discovery of credit-card stealing malware on point-of-sale cash registers in a number of its North American properties.
    • December 2015: Hyatt acknowledges that since August cyber thieves had been stealing credit card information from 250 properties in approximately 50 countries.
    • April 2016: Trump Hotels discloses another credit card system breach.
    • July 2016: Kimpton Hotels begins an investigation into a possible system breach; two months later Kimpton acknowledges that data was stolen in the first six months of the year.
    • February 2017: InterContinental confirms a breach at 12 properties; two months later, it discloses that more than 1,000 properties may have been compromised through malware on POS machines on site.
    • July 2017: A third Trump Hotels breach is announced, this one tied to a significant payment and customer breach at the massive travel industry data services provider Sabre Corp.
    • October 2017: Hyatt announces a second breach in less than two years, this time at more than 40 properties across 11 countries.

    And now, the Starwood-Marriott breach – precipitated by the challenging merger of the two already-giant hotel chains after Marriott purchased Starwood for more than US$13bn. And just days after the merger was announced, Starwood disclosed a security breach that had been going on since 2014. This was different from their 2015 breach that involved POS credit-card stealing malware; this 4+ year cyber breach allowed unauthorized access into its reservation system.

    What can you, as a consumer or business owner, learn from this? First, that cyber breaches are often not readily apparent – your data may have been stolen years ago. Second, that cyber breaches do not always involve systems you would think of as a threat. Your hotel loyalty program, for example, may not be of high concern, but when it is tied in to reservation systems that also manage credit card data, the danger is much more apparent.

    Keep a close watch on all of your credit card data – for yourself and any employees who might carry your corporate card. Make sure passwords, especially for any program that might include or expose credit card data (this would include virtually any retail or hospitality loyalty program), are changed frequently.

    And, get protection on your personal devices and company systems. Blutone Technologies’ My Personal Helpdesk system is a flexible concierge service that watches your devices 24/7, giving you peace of mind and a much quicker notification than you will ever get from a large corporation breach that may not be discovered for months or years. Get in touch for more information.
