
Incident Management Intelligence Brief
March 2019 edition

  • CASE STUDY
  • DIGITAL THREAT ENVIRONMENT
  • PHISHING ATTACKS

Case Study: Protests in Public Spaces

St Kilda Race Riots

On 5 January 2019, hundreds of people descended on St Kilda Beach, beginning what would become two days of explosive race riots between far-right and anti-racism groups. By the end of the two days police had arrested multiple people, and politicians and media organisations across the country commented on the riots, both condemning and supporting the actions of the two groups.

These riots were the culmination of weeks of increasing racial tension in the region, with Victorian Police reporting an increase in violence and arrests in the area throughout December, following unsubstantiated reports from far-right groups and some media organisations that these increases were the result of African gangs moving into the area.


Arrests taking place during the St Kilda Beach protests, 5 January 2019

Source: News.com.au

How does this relate to Barangaroo Delivery Authority?

Several factors contribute to making Barangaroo a high-profile target:

  • The area’s position as a major Sydney landmark means that even without the presence of a specific event, the space is a popular public gathering area for both tourists and the local population.
  • The increase in recent years in issue-motivated groups and activism, as observed during the St Kilda protests and demonstrations held throughout Sydney, increases the likelihood that such events could reach Barangaroo.
  • Far-right extremist groups could choose Barangaroo Reserve as a location to push white Australia, anti-immigration and anti-Indigenous agendas.
  • On the other end of the activist spectrum, far-left extremist groups could choose the Barangaroo business district as a location to push anti-capitalist, anti-mining and global warming agendas.

What could the impacts to BDA be?

Human – Barangaroo Delivery Authority employees may feel unsafe and choose not to attend their workplaces, or may seek greater implementation of flexible work arrangements for a period following a protest onsite. Depending on the cause of the protest, fallout from the event may additionally include increased resignations from Barangaroo Delivery Authority due to association with particular topics such as race.

Reputational – one-off or regular large-scale protests occurring at Barangaroo could significantly reduce the actual or perceived sense of community, amenity or personal safety in the area. The fallout from a large-scale event could additionally lead to the local Indigenous community wishing to move their events away from the area, further adding to negative perception and the reduction in public attendance.

Legal – Following a large-scale protest in the area, there is increased potential for businesses to attempt to withdraw their offices from the site due to negative publicity and connotations. These withdrawals could pull Barangaroo Delivery Authority into public and high-profile legal battles.

Financial – Barangaroo Delivery Authority could face a significant financial hit following a large-scale protest or demonstration for a number of reasons. Exclusion areas created by police cordons and exclusion zones (or, alternatively, areas that receive official sanction as a legitimate protest location) would deter tourists and visitors. This could also lead to companies choosing to remove their businesses from the Barangaroo site in favour of locations with lower inherent risk.

What can Barangaroo Delivery Authority do?

According to the Australian Institute for Disaster Resilience’s ‘Safe and Healthy Crowded Places’ Handbook, the most important thing a public space can do to ensure safety and security during a protest is to prepare.

For any event held within their public space, Barangaroo Delivery Authority should conduct an assessment to determine the likelihood of protestors arriving either prior to or during the event. The NSW Police, Barangaroo security management and emergency services should be contacted and informed accordingly, so that any potential violence can be mitigated and crowd control at the event arranged.

As part of Barangaroo management’s contingency planning for the event, nearby healthcare providers should be warned of a potential event to ensure they are adequately prepared.


For more information:

https://knowledge.aidr.org.au/media/5914/crowded-places-handbook.pdf

https://www.barangaroo.com/see-and-do/barangaroo/aboriginal-culture/

Dean, G. (2016). Right-wing extremism in Australia: the rise of the new radical right. Journal of Policing, Intelligence and Counter Terrorism. https://www.tandfonline.com/doi/abs/10.1080/18335330.2016.1231414

https://www.news.com.au/national/victoria/news/far-right-groups-clash-with-antiracism-protesters-on-st-kildas-foreshore/news-story/7faf01ed49ebfd7ba49e1b63e1a3e7f6

Digital Threat Environment: OAIC Notifiable Data Breaches Quarterly Statistics Report – October – December 2018

The quarterly report released by the Office of the Australian Information Commissioner (OAIC) reports on notifications received by the Federal Government entity under the Notifiable Data Breaches (NDB) scheme. Under this scheme, a notifiable data breach is any breach in which the personal information of an individual that was being held by an organisation is either lost or subjected to unauthorised access or disclosure which results in serious harm to the individual.


Source: Stay Smart Online

Key Report Takeaways:

The following key points were outlined in the OAIC Quarterly Statistics Report from October – December 2018:

  • During this period, 262 notifications of breaches were reported to OAIC – the highest number of notifications since the scheme was introduced in February 2018.
  • Of these breaches, 33% were due to human error, 64% were due to malicious or criminal attacks and 3% were due to system faults.
  • 60% of these breaches involved the personal information of 100 individuals or fewer.
  • OAIC reported that the majority of the malicious or criminal attacks were largely the result of exploiting vulnerabilities involving a human factor, such as phishing emails or disclosing passwords.

How could this impact BDA?


Source: Stay Smart Online

Reputationally: A data breach of any size would attract strong media coverage and create significant reputational and political damage. A cyber-attack could also damage employees’ confidence in the protection of their personal information and deter future employees from wanting to work there.

Legally: BDA has an obligation under legislation such as Australia’s Notifiable Data Breaches scheme and the European Union’s General Data Protection Regulation (GDPR) to report any significant data breaches that have impacted customers and their personal information. Following this reporting, and depending on the scale of the breach and any fault found to lie with BDA, the business may be subjected to a number of legal ramifications including significant fines.

Financially: Globally, cyber-attacks are believed to have accounted for the loss of approximately USD $600 billion, with the Asia Pacific region alone losing an estimated $171 billion to cyber-crime in 2018. The Australian Government estimates that the average cyber-attack would cost a business approximately $276,323. As such, a breach of this magnitude would be significant for the Barangaroo Delivery Authority. Whilst this estimate encompasses the aspects of the actual cyber-attack, it doesn’t factor in the additional longer-term financial repercussions, such as loss of business as a result of reputational damage.

What can BDA do to safeguard against these breach attacks?

Microsoft has reported that from January to December 2018, email phishing attacks increased by 250%. Considering the immense financial, reputational and legal impacts that these breaches may have on BDA, it is imperative that the appropriate safeguards are in place to mitigate any breach.

Recent reports indicate that 91% of all cyber attacks are now conducted via email, confirming that human error is one of the key reasons these attacks succeed. One activity BDA can undertake to counter potential attacks is to raise employee awareness of cyber attacks, security and the risks that these attacks carry with them. Our article on phishing attacks (in this edition) and how to spot them is a great place for BDA employees to start building this awareness of cyber risk and its impacts.

By educating staff about the dangers of phishing emails, social engineering and malicious human-targeted attacks, BDA will improve the confidence of their staff when dealing with possible cyber-attacks, increasing the chance that someone spots an attack and alerts the relevant staff. This will greatly reduce the chance of staff being caught by one of these attacks and of the organisation suffering the ramifications these attacks can carry.

For more information:

https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme/quarterly-statistics-reports/notifiable-data-breaches-quarterly-statistics-report-1-october-31-december-2018

https://www.techrepublic.com/article/employees-are-the-biggest-risk-to-enterprise-mobile-device-security-report-says/

https://www.bleepingcomputer.com/news/security/microsoft-sees-250-percent-phishing-increase-malware-decline-by-34-percent/

https://www.helpnetsecurity.com/2019/02/11/q4-2018-threats/

https://www.ibm.com/downloads/cas/ZGB3ERYD

https://www.cnbc.com/2018/02/22/cybercrime-pandemic-may-have-cost-the-world-600-billion-last-year.html

https://www.staysmartonline.gov.au/sites/default/files/Cost%20of%20cybercrime_INFOGRAPHIC_WEB_published_08102015.pdf

Phishing Attacks

Have you ever received a phishing email?

Odds are you probably have (and might not even know it). These types of cyber attacks are easy to carry out, increasingly difficult to spot and very successful – current statistics put 91% of all cyber attacks as starting with an email. That’s why it is important you and your staff know how to spot a potential phishing attack.

What is a phishing attack?

Phishing emails are targeted online scams used by cyber criminals to attack an organisation (via their employees) to gain access to information and sensitive data. These attacks are incredibly common, with 83% of organisations reporting that they were the victim of an attempted phishing attack in 2018 – an increase from 76% in 2017.

These emails may:

  • Contain malware carried in an attachment such as a PDF or file download.
  • Ask you to click on a link, taking you to a questionable website.
  • Be masquerading as a legitimate organisation requesting confirmation of sensitive data or a password change.

Phishing attacks come in all shapes and sizes – the most common being a mass-scale phishing attack, in which the cyber criminals send out large volumes of non-specific phishing emails hoping to trick a number of people into revealing sensitive information or data.


Source: Digital Guardian

How could this impact BDA?

As discussed in the Digital Threat Environment article (this edition), cyber attacks and breaches can have extremely detrimental effects on organisations. If BDA were to suffer one of these attacks, they could expect to face severe reputational, legal and financial effects that impact the organisation both at the time of the attack and for years to come.

How do you spot one?

The best thing any organisation can do to prevent a phishing attack from impacting them is to build staff awareness around identifying and stopping phishing emails. Following staff awareness training, nearly 60% of organisations saw an increase in employees’ ability to detect and stop phishing attacks from impacting their company.

Despite their prevalence, phishing emails can be easy to spot if your staff know what to look for. There are five key red flags that employees should pay attention to when reviewing emails:

  1. Unknown or questionable senders – If the email you have received is from an unknown sender, or a name you don’t recognise, and they are requesting that you download an attachment, click on a link or submit personal information to them, it could be a phishing attempt. Similarly, if the email is not personalised but instead begins with a phrase such as ‘Dear Customer’, there is a high chance it is a phishing attempt.
  2. Request for personal information – If the email you have received appears to be from a legitimate source but is requesting information that the known organisation wouldn’t typically request, there is a high probability you are being targeted by a phishing attack. For example, your bank requesting that you confirm your account details and PIN via email.
  3. Spelling and grammatical errors – If you have received correspondence from a well-known organisation but their email contains a number of spelling and grammatical errors, there is a high chance it is a phishing attack.
  4. Demanding or alarming wording – Emails that contain phrases such as ‘Urgent Action Required!’ or ‘Your account has been hacked!’ are phishing attacks designed to elicit an immediate response from the recipient. These attacks capitalise on the recipient’s anxiety upon receiving these messages and the likelihood of them responding and providing personal information.
  5. Misleading URLs or domain names – When reviewing emails that appear suspicious, one way to confirm whether they are a phishing attempt is to check that the URL shown in the email matches the hyperlink it actually points to. If you hover over a link without clicking, the embedded hyperlink will appear – if that hyperlink is different from the URL shown in the text, there is a high probability this is a phishing attack.
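As an added example (not RiskLogic’s own material), the following Python screens an HTML email body against the red flags above: the generic greeting, the request for sensitive details, the alarming wording, and the mismatch between the URL shown as link text and the real link target (red flag 5). The sample message, the sender address and every domain in it are constructed placeholders.

```python
# Screens an HTML email body for the red flags listed above. Added illustration,
# not RiskLogic's tooling; the sample message and all domains are constructed.
import re
from html.parser import HTMLParser

TEXT_FLAGS = {  # red flags 1, 2 and 4: phrases taken from the list above
    "generic greeting": ("dear customer", "dear user"),
    "urgent or alarming wording": ("urgent action required", "account has been hacked"),
    "request for sensitive details": ("password", "pin number", "account details"),
}
DOMAINISH = re.compile(r"^(?:https?://)?([\w.-]+\.[a-z]{2,})(?:[/:?#]\S*)?$", re.I)

class LinkCollector(HTMLParser):
    # Pairs each <a href> with the text the reader actually sees.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(s):
    # Host of a URL or bare domain; '' when the text is not URL-like ('Click here').
    m = DOMAINISH.match(s.strip())
    return m.group(1).lower() if m else ""

def same_site(a, b):  # equal hosts, or one a subdomain of the other (www.x.com vs x.com)
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def screen_email(html, sender):  # returns the red flags found; [] means none triggered
    parser = LinkCollector()
    parser.feed(html)
    text = re.sub(r"<[^>]+>", " ", html).lower()
    sender_host = sender.rsplit("@", 1)[-1].lower()
    flags = [label for label, phrases in TEXT_FLAGS.items() if any(p in text for p in phrases)]
    for href, shown in parser.links:
        shown_host, real_host = host_of(shown), host_of(href)
        if shown_host and real_host and not same_site(shown_host, real_host):
            flags.append(f"link text shows {shown_host} but points to {real_host}")  # red flag 5
        elif real_host and not same_site(real_host, sender_host):
            flags.append(f"link to {real_host} in mail claiming to be from {sender_host}")
    return flags

SAMPLE = ('<p>Dear Customer,</p><p>Urgent action required! Confirm your account details '
          'and PIN number at <a href="http://example-bank.com.login-verify.test/">'
          'https://www.example-bank.com/secure</a></p>')  # constructed, placeholder domains
```

Phrase matching of this kind is a coarse aid for awareness exercises rather than a mail filter: a message that avoids these exact phrases and keeps its links on the sender’s domain passes untouched.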

An easy way to test your employees’ ability to detect whether an email is legitimate or a phishing attack is through this quiz from Google and their incubator, Jigsaw: https://phishingquiz.withgoogle.com/. This is a fantastic, free tool – see if you can perform better than us here at RiskLogic!

For more information:

https://digitalguardian.com/blog/dont-get-hooked-how-recognize-and-avoid-phishing-attacks-infographic

https://www.helpnetsecurity.com/2019/01/25/experienced-phishing-attacks/

https://phishingquiz.withgoogle.com/

https://staysafeonline.org/blog/5-ways-spot-phishing-emails/

https://www.csoonline.com/article/3172711/5-ways-to-spot-a-phishing-email.html
