Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267
0

Report cyber attacks to the police ASAP, businesses told | #cybercrime | #computerhacker


The earlier businesses that fall prey to cyberattacks report the crime to the police, the better the quality of investigation, according to the AFP.

Commander Chris Goldsmid (pictured), acting assistant commissioner, cybercrime operations, at the Australian Federal Police (AFP) pushed businesses to report a cyber attack incident immediately to both the police and incident response teams.

“The earlier victims of cybercrime report it, the more the police could potentially do,” he told Cyber Daily ahead of his keynote session at the Australian Cyber Security Summit 2024 about the threats businesses are facing in the online world and the AFP’s role after a cyberattack.

“If a business has faced financial losses, working with the police alongside their financial institution could increase chances of recovering the money. We’ve had success when investigating major cyber incidents because early reporting has allowed us to follow the lines of enquiry and the theft of data offshore.”

However, he underscored that the roles of the police and first incident responders are different and that the police do not undertake incident response and remediation work.

Instead, they will collaborate with business owners to gather evidence of the attack from their networks in order to investigate the crime, find the criminals behind the attack and investigate them, and potentially prosecute or disrupt their activities.

The AFP has worked with its overseas counterparts to disrupt the criminals’ ability to use the stolen data from the organisation to commit additional crimes, Commander Goldsmid said.

“Investigating data theft, attacks on computer networks, and encryption of networks can be very complex, and takes time to bring to fruition,” he noted.

“We’ve worked with our global partners, including offshore law enforcement partners to succeed in significant takedowns over the last few months.”

Indeed, the AFP helped with an international operation to disrupt the BlackCat ransomware group, a Russian-led hacking group that is estimated to have cost victims hundreds of millions of dollars around the world. The group targeted at least 56 businesses and government agencies in Australia over the past year, the AFP said in December 2023.

The AFP’s Operation Aquila also assisted law enforcement agencies from 10 countries in the campaign against the LockBit ransomware-as-a-service operation, the most prolific ransomware operator in the world.

Australian businesses and individuals can use the national cybercrime reporting system (by emailing [email protected]) to report a cybercrime, which is a shared responsibility between the AFP and the state and territory police.

The AFP investigates cybercrime against critical infrastructure, the Commonwealth Government, and other systems of national significance, Commander Goldsmid said, while state and territory police would investigate incidents at small-to-medium enterprises (SME).

During their investigations, the police typically seek evidence of data theft, infiltration and how the criminals accessed the network, what the exfiltration points are, and information around logins.

“We’re interested in evidence of activities by the criminal, including what they did well on the network, how they moved data off it, and if they stole data,” Commander Goldsmid said.

As such, he encouraged businesses to preserve any piece of evidence related to those areas.

Moreover, he urged them to exercise their incident response arrangements in the event that a cybercrime compromises their network and is inoperable through encryption.

“You should know who to call, what everyone’s responsibilities are, and who the decision makers are within your organisation for tasks like remediation and restoring data and files from backups,” Commander Goldsmid said.

“Thinking about the cybercrime threat up front and preparing by raising awareness are very important.”

Business owners can access resources at the Australian Cyber Security Centre (including the Essential Eight), with Commander Goldsmid noting that the AFP works seamlessly with ACSC during incidents, and has teams of people in the centre.

To hear Commander Chris Goldsmid’s keynote address on how the AFP can help businesses in the event of a cyberattack, come along to the Australian Cyber Security Summit.

It will be held on Thursday, 20 June 2024 at the National Convention Centre, Canberra.

Click here to buy tickets and don’t miss out!

For more information, including agenda and speakers, click here.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

——————————————————–


Click Here For The Original Source.

Translate