Aussie spooks should know
Because that's what they will be doing, along with the NSA and other friends.
Australia's top spy agency has warned of 'real and persistent' threats to organisations, agencies and individuals linked to the G20 leaders conference to be held down under next week. The advice issued by the Australian Signals Directorate (ASD) warns that large diplomatic and defence conferences attract attacks such as …
You could redact every occurrence of "cyber" in the article and you'd not only improve the readability but also keep the overall intent. Loose lips sink ships. I'll keep something else at the forefront of my awareness: ASIO really, really shouldn't be holding forth here. Let he who is without sin cast the first stone.
Why not?
In 2008, a handful of USB flash drives were liberally sprinkled around the US CENTCOM parking lot. It only took one system administrator saying, "Cool, look what I found!" and plugging it into a misconfigured system (out of tens of thousands, as autorun wasn't disabled) and the rest is history. Every network, classified and unclassified, was infected (again, due to non-adherence to both best practices and codified law).
Cost to clean up the mess? One billion dollars for the first incident. A month later, it was rinse and repeat, as a proper baseline *still* wasn't adhered to by the contractors.
The cost of recovery for incident 2 remains classified at levels much the same as nuclear warhead design plans.
In a world where Cheltenham-based experts routinely scan and find 50K vulnerable PCs, co-opt them into a command & control botnet, and then wait until they are needed for some 'deniable' TCP-IP based trickery - nothing can surprise me anymore! Though I don't know how the latest Menwith Hill TURMOIL machine code-name 'wet-lettuce' was left un-redacted on this website.
Belkins - unleash the dogs of DDoS war on El'Reg/92.52.96.89 - let's use the Elbonian servers so they get bombed instead of us. Cue evil laugh, stroking of pet ferret whilst Rome burns...