Search Results

< News New Security Standards for NZ Government Agencies 24 June 2025 New Zealand's National Cyber Security Centre (NCSC) has drafted Cyber Security Standards which government agencies will be required to adopt and implement later this year. The new standards outline the minimum cybersecurity practices that agencies must adopt for their business-critical and external-facing systems. In general terms, they require that cyber security policies, capabilities, controls, and practices must be well-formed and repeatable. The Standards 10 draft Standards are currently being discussed with agencies and industry partners as part of pre-implementation consultation and feedback gathering. They are: 1. Security Awareness 2. Risk Management 3. Assets and their Importance 4. Secure Software Configuration 5. Patching 6. Multi-factor Authentication 7. Detect Unusual Behaviour 8. Least Privilege 9. Data Recovery 10. Response Planning Maturity Model The draft Standards feature a built-in Capability Maturity Model (CMM) to help agencies standardise how they measure, track and improve their cyber risk management over time. CMM1 “Informal”: Security capability may be ad-hoc, unmanaged or unpredictable. Success may rely on individuals rather than institutional capability. CMM2 “Planned and Tracked”: Security capability is well formed in designated business units. The security policies, capabilities, control and practices are in place and repeatable. They are designed to meet the organisation’s core security requirements. CMM3 “Standardised”: Security capability is standardised, integrated, understood and followed consistently across the enterprise. Security is well-governed and managed at an enterprise level. CMM4 “Quantitatively Controlled”: Security capability and performance is measured, monitored and objectively and quantitively controlled. Security measures are hardened in response to performance alerts. Security is a strategic focus for the organisation. CMM5 “Optimising”: Security capability adapts to a dynamic, high risk operating environment. Practices are generally recognised as world-leading and have near real-time measurement and response mechanisms. Agencies will be required to meet at least Capability Maturity Model level two (CMM2) for their business-critical and external-facing systems. Consultation Phase underway The NCSC began consulting with affected agencies and industry partners on 16 June. Discussions will continue until 4 July 2025, with final Standards planned for publication in October 2025. Agencies will be required to report on their implementation of the standards as part of Protective Security Requirements reporting process (a framework for managing security within NZ government organisations) in April 2026. The initial draft of the NCSC’s Minimum Cyber Security Standards are available for download from the NCSC website . MFT as a Baseline Protection Tactic NZ organisations seeking to step up to the new minimum standards should carefully consider installing a Managed File Transfer (MFT) solution as an initial step. This relatively simple enhancement to IT systems puts organisations miles ahead of businesses still using risky and outdated FTP (File Transfer Protocol) or email to transfer files. MFT centralises data transfer and - more importantly - applies policies to data to protect it from threats such as inbound malware and employees sending files via ad hoc platforms outside the defensive perimeter (e.g. Google Drive and Dropbox). MFT has the built-in advantage of “forcing” the application of policies designed to better protect data such as encryption, monitoring, and auditing. Expertise Close at Hand No-one better understands local MFT needs and best practices than Generic Systems Australia. Our team has decades of experience helping organisations implement the world’s leading MFT solution. Our Migration Service makes the transition even easier for busy agencies who would rather focus on their core mission than their IT systems. If you’d like a no-cost, no-obligation discussion about how we could help you simply and affordably adopt an advanced MFT solution, please feel welcome to get in touch. At Generic Systems Australia, we’re your local experts in Secure Managed File Transfer. Previous Next

< News Painful Lesson for Australian Educational Institutions 12 May 2026 The recent wave of cyber-attacks targeting Australian educational institutions has exposed a hard truth: when organisations rely on ad‑hoc, legacy, or unsecured methods to move sensitive data, they create the perfect conditions for a breach. These incidents are a stark reminder that Managed File Transfer (MFT) is no longer optional infrastructure - it’s essential security. The Weak Link Educational institutions handle enormous volumes of sensitive information: student records, financial data, research IP, HR files, partner data exchanges, and more. Yet many still depend on a patchwork of manual scripts, outdated FTP servers, email attachments, or cloud‑sharing links to move that data between systems and partners. This creates three systemic weaknesses: No central control : IT teams can’t see who is moving what, where, or when. No consistent security : encryption, authentication, and access controls vary wildly across systems. No audit trail : when something goes wrong, there’s no reliable way to trace the breach. The recent hack exploited exactly these gaps. Attackers didn’t need to break through a fortified perimeter; they simply targeted the weakest, least‑monitored file movement channels. MFT would have closed the door A modern Managed File Transfer (MFT) solution eliminates the chaos of uncontrolled file movement by replacing it with a single, secure, governed platform. For institutions under pressure to protect data, MFT delivers four critical capabilities: End ‑ to ‑ end encryption and hardened protocols: Sensitive files are encrypted in transit and at rest, using secure, modern standards - not outdated FTP or unsecured email. Centralised visibility and control: IT teams gain a real‑time dashboard showing every transfer, every user, every endpoint. Nothing moves without being logged. Automated workflows that remove human error: Manual scripts and ad‑hoc processes are replaced with reliable, repeatable automation that attackers can’t easily exploit. Compliance ‑ ready audit trails: When regulators or internal auditors ask for evidence, MFT provides complete, tamper‑proof logs. Lesson Learned? The attack on educational institutions wasn’t an anomaly - it was a warning for every organisation. Any IT team still relying on unsecured or inconsistent file‑transfer methods is exposed. Cybercriminals know that file movement is often the soft underbelly of an otherwise secure environment. A Managed File Transfer solution transforms that vulnerability into a strength. It gives organisations the security, visibility, and governance needed to protect their most valuable data - before an attacker gets to it. Local Help On Hand Generic Systems Australia has decades of experience helping Australian and New Zealand organisations keep hackers at bay through affordable MFT solutions. If you’d like to discuss how MFT could improve your cyber security and organisational efficiency, please feel welcome to get in touch . Previous Next

< News World Braces for Cyber Retaliation 3 Mar 2026 Cyber security tensions are rising globally following the joint US–Israel strikes on Iran and the assassination of its supreme leader. Security analysts are warning that digital retaliation is already taking shape, with Iranian-aligned hacking groups mobilising, and critical infrastructure operators across multiple regions bracing for disruptive cyberattacks. Offensive cyber operations were a key part of the US and Israeli strikes that targeted Iran over the weekend, with critical infrastructure and media key targets. The Jerusalem Post described the cyberattack as the largest in history, and global internet monitoring firm NetBlocks said that Iranian internet activity has dropped to just one per cent of pre-attack levels. Ballistics and Binary While missiles and drones dominate news headlines, cyber operations offer Tehran a way to strike back asymmetrically - quietly, globally, and with potentially far‑reaching consequences. Security experts say the digital domain gives Iran a strategic avenue to pressure its adversaries. Interconnected critical infrastructure makes even small intrusions capable of triggering broader economic or safety impacts. Retaliation Strikes are already reshaping the threat landscape. Security analysts say they’ve observed reconnaissance activity and early-stage DDoS attacks from groups aligned with Iranian interests, indicating that a more aggressive campaign is being planned. CrowdStrike’s latest threat intelligence also highlights a shift in Iranian tactics toward cloud environments and identity‑based attacks, reflecting a steady evolution in capability. Historically, Iranian cyber operations have aligned closely with geopolitical objectives, targeting sectors such as energy, finance, telecommunications, healthcare, and other critical services. Analysts expect that pattern to continue as Tehran seeks to increase pressure and visibility on its chosen targets. Implications for Organisations The combination of geopolitical escalation, demonstrated offensive capability, and early signs of retaliatory activity suggests a volatile period ahead for governments and businesses alike. Operators of essential services - particularly those with regional ties or exposure - are being urged to strengthen monitoring, validate incident response plans, and prepare for potential spillover effects. Line of Defence State‑sponsored cyber operations increasingly target the systems that move, store, and validate sensitive information. This makes Managed File Transfer (MFT) a critical defensive control rather than a back‑office utility. Modern state actors operate with significant patience, resources, and strategic intent: they infiltrate supply chains, exploit unpatched interfaces, and quietly exfiltrate data to support espionage, political influence, or economic advantage. Government agencies have repeatedly warned that these actors use advanced tradecraft to compromise organisations across critical infrastructure and public institutions, as seen in advisories from the Australian Signals Directorate and its international partners. In this environment, any uncontrolled or ad‑hoc method of moving files - email attachments, unsecured cloud links, legacy FTP - becomes a soft target. MFT strengthens an organisation’s defensive posture by centralising, governing, and hardening all file‑based data flows. Instead of dozens of unmonitored channels, MFT provides a single, encrypted, policy‑driven platform with authentication, role‑based access, and full audit trails. This matters because state actors often exploit the weakest link in a distributed system, including overlooked transfer endpoints or poorly secured partner connections. Strategic Resilience When MFT is deployed correctly, it reduces the attack surface by eliminating shadow IT, enforcing encryption in transit and at rest, and providing the visibility needed to detect anomalies early - an essential capability when facing adversaries who specialise in stealth and persistence. Beyond technical controls, MFT also supports strategic resilience. State‑backed intrusions often aim to disrupt trust - undermining elections, destabilising supply chains, or eroding confidence in public institutions. Australia’s own experience with foreign interference highlights how attackers seek to manipulate or steal sensitive data to influence democratic processes. By ensuring that critical information moves through a secure, predictable, and fully auditable channel, MFT helps organisations maintain operational integrity even under sustained threat. It becomes not just a tool for secure transfer, but a foundational layer in a broader zero‑trust architecture - one that assumes compromise is possible and designs every data movement to be verifiable, controlled, and resilient. Local Expertise Available Generic Systems Australia is Fortra’s #1 GoAnywhere Partner in Australia and New Zealand, with decades of experience enabling organisations to defend against cyber-attacks. If you’d like a no-cost, no-obligation discussion about how we could help you simply and affordably adopt an advanced MFT solution, please feel welcome to get in touch with me. Previous Next

< News Migrating from MOVEit 8 July 2024 The rapid escalation of cybercrime is causing many organisations across the Asia-Pacific region to upgrade to more advanced file transfer solutions. That includes replacing Managed File Transfer (MFT) systems such as MOVEit with the class-leading GoAnywhere MFT suite. As our region’s local experts in MFT, at Generic Systems Australia we’re adept at helping customers simply, quickly and affordably migrate from their existing data transfer approaches. Many Options - but only one of them “Best” There are plenty of options when it comes to selecting a file transfer solution… from free, unsecure methods to the fully-featured market leader. However, as cybercrime continues to surge, many companies are concluding that the benefits of upgrading to the class-leading MFT more than justify the relatively minor investment required. They understand that maintaining a ‘circle of trust’ with their customers and supply chains is paramount to their business’s ongoing profitability. So, why is GoAnywhere MFT consistently declared by independent studies to be the leading MFT …? Superior Security “Robust Security” is most often the top of mind consideration for companies seeking the optimal MFT solution. GoAnywhere MFT takes all aspects of data security seriously, protecting your sensitive data both “in motion” and “at rest”. Maintaining GoAnywhere’s security is a primary focus for its software development team. They consistently stay across the latest security standards and threat monitoring to ensure up-to-date compliance with regulations, frameworks, and standards. Easy Centralised Control MOVEit requires you to install two products (MOVEit Automation and MOVEit Transfer) to enable full MFT functionality. Most companies find GoAnywhere’s centralised, browser-based dashboard - an intuitive “one stop shop” - a more efficient means of managing their data flows. The Need for Speed Included in GoAnywhere is GoFast, a file transfer acceleration protocol which can transmit data considerably faster than traditional FTP. The patented technology in GoFast takes the best of UDP’s speed and adds reliability and rate control. Drag & Drop Workflows Scripting (as required by MOVEit for some tasks) is clunky, time consuming and confusing for non-expert users. Through its breadth of Automated Workflows capabilities, GoAnywhere enables end users to quickly and easily build workflows. Manual and automated tasks can even be combined into one master workflow. Further, GoAnywhere provides easy reporting on partner Service Level Agreements, alerting you to any workflow issues before your trading partners do. Advanced Auditability GoAnywhere not only moves and shares data securely, it also provides full auditability of transfers. Logging full audit trails of all user events and file activity, it can also generate reports of file transfer activity, user statistics, and completed jobs – all from within its central management console. Modular, Multi-Platform Flexibility Organisations managing multiple operating systems appreciate how GoAnywhere flexibly supports any protocol, any platform, and any deployment, including Microsoft Azure, AWS, Linux, and more. Further, GoAnywhere’s capabilities can be significantly extended through the availability of a broad array of licensable modules , satisfying a wide variety of specialised file transfer needs. And More… Beyond the advantages above, former MOVEit users are often delighted to discover GoAnywhere’s advanced capabilities in: High availability and clustering, providing true active-active support and load balancing to distribute workloads across multiple systems; Remote agents - lightweight applications managed through the GoAnywhere interface which enable configuring and scheduling of file transfers throughout an enterprise; and Secure Forms - customised forms or files that which contain data other tasks can automatically process. If you’d like to discuss how your organisation can migrate to the leading MFT solution, please feel welcome to contact me, Bradley Copson ( mailto:bradley@gensys.com.au ) . I’m always happy to have an obligation-free discussion, explain how simple the transition can be, and offer you a zero-cost Proof of Concept. At Generic Systems Australia , we’re your local experts in secure Managed File Transfer. Previous Next

< News Don’t Let Your Data Be Lost in Cyber Space 2 Sept 2025 In this digital age, our businesses depend on the seamless movement of files to operate efficiently. From financial reports and customer data to product designs and legal documents, files are the lifeblood of a modern organisation. However, despite sophisticated networks and cloud-based tools, files still vanish into cyberspace, leading to business disruption, unhappy customers and confused suppliers. The reasons files go missing are often quite mundane. Perhaps they were intercepted, having been sent via unsecured email. Perhaps their transfer failed silently and unknown, due to a network glitch. Maybe an employee uploaded the document to the wrong folder, or worse, to the wrong server. Legacy systems, manual processes, and ad hoc workarounds compound the problem. Without proper oversight, files can be lost, duplicated, corrupted, or exposed—leading to compliance violations, reputational damage, and costly delays. Avoid Data Danger, Will Robinson! This is where Managed File Transfer (MFT) technology steps in—not as a patchwork fix, but as a strategic upgrade. MFT provides a secure, automated framework for transferring files across internal systems, external partners, and cloud environments. It replaces risky methods like FTP, email attachments, and consumer-grade sharing apps with encrypted, policy-driven workflows. Security and Reliability MFT platforms use robust encryption protocols (like SFTP, FTPS, HTTPS) to protect data in transit. Authentication mechanisms ensure only authorised users can initiate or receive transfers. Files are tracked from origin to destination, with detailed logs and alerts for failures or anomalies. This means no more blind spots—every movement is visible, verifiable, and recoverable. Compliance and Control For industries bound by regulations (finance, healthcare, government), MFT offers built-in compliance features. Audit trails, role-based access, and data retention policies help meet demanding standards like GDPR, HIPAA, and ISO 27001. Administrators can monitor activity in real time, enforce file naming conventions, and prevent unauthorised access or data leakage. Automation and Integration Beyond security, MFT streamlines operations. It integrates with ERP systems, cloud storage, and APIs to automate recurring transfers—like nightly batch jobs or supplier updates. This reduces human error and frees up IT teams to focus on higher-value tasks. Some platforms even support conditional logic, retry mechanisms, and load balancing to ensure mission-critical transfers never fail silently. Scalability and Visibility As organisations grow, so does the complexity of their data flows. MFT scales effortlessly, handling thousands of transfers per day across geographies and departments. Dashboards provide a centralised view of all activity, making it easy to spot bottlenecks, troubleshoot issues, and optimise performance. In short, Managed File Transfer transforms chaotic, error-prone file sharing into a disciplined, auditable process. It’s not just a tool—it’s a safeguard against digital entropy. For organisations juggling sensitive data across borders and platforms, MFT ensures that files don’t just travel—they arrive, intact and accounted for. From “Lost in Space” to “Found, Locally” At Generic Systems Australia we’re Australia’s and NZ’s experts in deploying Managed File Transfer solutions. We’ve assisted businesses of all sizes to protect their customer data and secure their file transfers, while keeping their operations running smoothly. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how simply we can help you maintain your customers’ trust. Previous Next

< News Survive the Cyber Security Staff Drought 3 Sept 2024 Australian organisations are still struggling to recruit and train sufficient cyber security specialists to keep their valuable data safe. A report by government-funded industry body AustCyber predicted that Australia would need an extra 4800 cyber security workers each year to avoid a significant shortfall by 2030. It warned that the local industry is lagging those of other countries, urging further private sector investment in the area. AustCyber found that 74% of cyber security professionals were being impacted by non-availability of suitably qualified staff. Only 8.8% rated Australia’s cyber security sector as “highly competitive”, while 21% rated the local industry as “not competitive” compared to other global markets. 20% Positions Vacant The Australian Government’s 2023 Skills Priority List shows cyber security roles as among the highest-ranked skills with a national shortage. According to AustCyber, cyber security architects are the most in-demand cyber security role, followed by engineers and analysts. While there were ~51,300 dedicated cyber security workers in Australia last year, a staggering 12,500 jobs had remained vacant. The workforce needs to grow by 66% to reach the total of 85,000 who would be required by 2030. Speaking to The Australian Financial Review earlier this year, the RMIT’s Research Director from the Centre of Cyber Security, Matthew Warren, said: “We cannot run before we walk, and right now the Australian cyber security industry does not have the depth of dedicated, skilled cyber security workers required to strengthen Australia’s security posture against the increasing sophistication, ferocity and prevalence of cyber security threat actors.” AustCyber chief executive Chris Kirk said that cyber security was now a “non-negotiable, impacting every Australian”. Early Education + a Wider Funnel While there’s been a 30% year-on-year growth in the number of people studying cyber security at university, the funnel for future workers needs to be wider for AustCyber’s target to be met. Said Kirk: “We really need to get cyber into the education system quite early, like primary school. And, at the speed of which the industry moves, your skill set can be severely challenged very quickly. So it’s extremely important we upskill and keep globally relevant the professionals in these jobs.” Surviving Staff Shortfalls Organisations struggling to recruit cyber security specialists should consider how automation can augment and relieve the load being carried by their existing cyber security specialists. For example, advanced Managed File Transfer solutions, such as GoAnywhere MFT , can centrally manage and secure file transfers organisation-wide. Recognised for its class-leading features, GoAnywhere frees up your cyber security specialists, working in the background to comprehensively mitigate the risks of storing and moving your data, both within and outside your organisation. Through its centralised control, encryption, and auditing capabilities, GoAnywhere replaces risky traditional approaches and improves productivity. Its versatility, security, ease of use, and budget-friendliness have made it a must-have solution for organisations committed to protecting their information assets. Expert Local Advice On Hand At Generic Systems Australia , we’re Australia’s and the Asia-Pacific region’s experts on Managed File Transfer solutions. If you’d like a no-cost, no-obligation discussion about how we could help you augment your cyber security team’s efforts, please feel welcome to get in touch . Previous Next

< News Australian Govt’s “Horizon 2” Comes Into View 5 Aug 2025 The Australian Government has invited input on the key policy and program outcomes the nation needs to achieve under the 2023 – 2030 Australian Cyber Security Strategy. Building on the momentum of the recently introduced Cyber Security Act 2024 , Minister for Cyber Security, Tony Burke MP, has released the Horizon 2 Policy Discussion Paper. It seeks feedback and input on key policies designed to enable Australia to: · Embed cyber messaging, cyber standards, capability and efforts. · Empower Australian businesses and citizens to protect themselves and become more resilient to cyber incidents. · Enhance cyber frameworks, workforce, and business ecosystem to drive further cyber security uplift. Consultation on the Discussion Paper is open to all levels of government, industry, educational institutions, community groups, and the Australian public. Submissions to can be made through the Department’s consultation webpage until 29 August 2025. Further industry co-design and Town Halls will also be held during the consultation process. Releasing the Discussion Paper, the Minister said: “We have made historic progress on cyber security but there is always more to do when confronting this evolving threat. Our government believes that all Australians have the right to be safe and feel safe, and cyber security is a critical part of that effort. “We’ve laid excellent foundations with Horizon 1 of the strategy and the passage of the Cyber Security Act – Horizon 2 will continue our progress towards our rightful place as a world leader on cyber security.” Submissions can be made through the Department’s consultation webpage until 29 August 2025. Previous Next

< News Phishing Surges on the Back of QR Codes 17 July 2025 New research published by the Anti-Phishing Working Group (APWG) shows that phishing attempts have surged to levels not seen since late 2023. QR codes are increasingly the attack vector of choice. Each day, millions of emails are sent containing QR codes that lead consumers to phishing sites and malware. Q1 Lowlights · APWG observed a total of 1,003,924 phishing attacks in the first quarter of 2025 - the largest number of attacks per quarter since late 2023. · Attacks against the online payment and financial sectors grew in Q1 2025, comprising 30.9% of all attacks. · The total number of wire transfer Business Email Compromise (BEC) attacks increased by 33% in Q1 2025 compared to the previous quarter. Most Targeted Industries The SaaS/Webmail sector was the most targeted industry by cyber attackers in Q1 2025, making up almost 18% of the total attack volume. The financial industry also continues to be a highly attractive sector for cyber threat attackers, with Payment, Banking, and Crypto contributing to approximately 33% of all phishing attacks in Q1 2025. QR Codes Popular QR code attacks occur when an adversary leverages QR codes to social engineer a user, such as redirecting a victim to a phishing website or to download a malicious attachment. QR codes are becoming an increasingly popular phishing tactic due to the various features they offer. Cyber attackers have been observed taking advantage of QR code features in the following ways: · The availability of free QR code generators facilitates phishing attacks due to decreased financial costs of infrastructure, and free services tend to have less resources dedicated to takedowns of legitimate service abuse and other malicious activity. · Attackers can combine QR codes with URL shorteners to obscure the true destination of the URL and thereby direct victims to malicious sites. Certain industries tend to be more prone to QR code attacks, such as Retail & Wholesale, as consumers have adapted to relying on QR codes to access these services. Burgeoning BEC APWG member Fortra tracks the identity theft technique known as “business e-mail compromise” (BEC). BEC was responsible for A$4.3B in losses in 2024 according to the IC3. In a BEC attack, a threat actor impersonates an employee, vendor, or other trusted party in an email communication and attempts to trick an employee into sending money, privileged information, or some other asset. · During the first quarter of 2025, gift card scams were once again the most popular scam type, making up more than half the total number of attacks. · The total number of wire transfer BEC attacks observed by Fortra in Q1 2025 increased by 33% compared to the previous quarter. · The average amount requested in wire transfer BEC attacks in Q1 2025 was A$65,000. · 72% of BEC attacks in Q1 2025 were launched using a free webmail domain. · Remcos RAT was the most common malware payload Fortra observed in Q1 2025. Protection Against Phishing Our SFT Threat Protection Bundle enables your organisation’s email system to automatically detect and prevent phishing links and other malware from entering your organisation. Combining the layered strengths of GoAnywhere MFT and Clearswift, it means your team can receive and share information securely, without impairing their productivity. Seamlessly integrating managed file transfer with advanced threat protection and adaptive data loss prevention, SFT Threat Protection not only prevents malware from entering your organisation, but it also prevents employees from losing or mishandling data. For example, if an employee knowingly –– or unknowingly –– attempts to share any files containing malware, those files are sanitised by having the malicious elements automatically removed. It can also automatically detect and –– if you configure it to do so –– prevent employees from sharing sensitive information. Local Help on Hand Generic Systems Australia has decades of experience helping Australian and New Zealand organisations protect themselves against phishing and other cyber attacks by leveraging the power of the world’s leading MFT solution. Our Migration Service makes the transition even easier for organisations who prefer to use their resources building their businesses rather than improving their IT plumbing. If you’d like a no-cost, no-obligation discussion about how we could help you simply and affordably adopt an advanced MFT solution, please feel welcome to get in touch with us. At Generic Systems Australia, we’re your local experts in Secure Managed File Transfer. Previous Next

< News Cyber Target Paris Prepares 23 July 2024 As the attention of sports fans turns to Paris this week, so too are the nefarious attentions of the world’s cyber criminals. So: how will the world’s largest sporting event keep its data and systems secure…? Read on to learn more from those charged with defending the Summer Olympics’ IT systems. Miscreant Magnet Vincent Strubel, head of France’s national cybersecurity agency (ANSSI), warned that this year’s summer Olympics was facing an unprecedented level of cyber threats. Said Strubel: “There will be cyberattacks during the Games and the Paralympics... Some won’t be serious. Some will be serious, but won’t have an impact on the Games. And perhaps there will be some that are serious and liable to have an impact on the Games.” Franz Regul, head of the cyber team responsible for Paris 2024, said he expects the number of security events this year to be “multiplied by 10 compared to Tokyo”. There is a need to keep an exceptionally tight attack surface and tie up any loose ends like SSL misconfigurations, open ports, and privacy issues such as cookie consent violations. French anti-cybercrime units have classified the cyber threats in five categories: 1. Amateur Hackers As the “as-a-service” cybercrime economy develops, it’s become easier than ever for novice threat actors to launch more sophisticated attacks than their limited skillsets would otherwise have allowed. This lowered bar for entry will lead to a higher overall number of attacks. 2. Thrill-Seekers The sheer size and popularity of the Olympic Games will tempt those broadly inclined to create nuisance or show off their “cyber chops” to their peers. They’ll likely seek to exploit any security weaknesses in the websites or booking sites purposed for the event, including those of media organisations and sponsors. Common website security attacks such as cross-site scripting, SQL injection, and DDoS attacks will be their primary threat vector. 3. Hacktivists Activists passionate for their cause of choice are likely to attempt to hijack the world’s largest stage. 4. Black Hat Thieves The immense cashflow around the Paris Olympics makes them a potentially lucrative target for cyber thieves. Phishing attempts – expected to arrive in the form of unsolicited emails about the Games, lodging, tickets, or information followed by “helpful links” – will abound. Those who open the emails and click on the links may find their bank accounts quickly compromised. 5. Nation-State Actors The Olympics have long been a huge world stage on which global powers send political signals to countries, governments, and the world at large. As the Associated Press recently noted, “Among the most threatening cyber-adversaries are countries who might want to embarrass and exact costs on France and the International Olympic Committee.” Defending the Games French cybersecurity authorities are cagey about the significant precautions they’re taking to thwart cyber criminals. Revealing too much would give away a tactical advantage to blog-reading Black Hats. However, here’s what we know so far… 1. Ethical Hackers The ANSSI has hired ethical hackers to test the attack vectors on all Olympic websites. According to Strubel, 500 sites, competition venues and local collectives have all been put under “friendly fire”. 2. AI Artificial Intelligence is being employed to test for multiple threats across IT systems and websites. Regul said that AI was helping differentiate “between a nuisance and a catastrophe”. 3. Physical Security Transportation, supply chains, and surveillance systems are other potential targets for those seeking to compromise the Games. All have been included in the safety perimeter of the Paris 2024 cybersecurity preparations. 4. External Expertise The 2018 Winter Olympic Games were targeted by malware dubbed “Olympic Destroyer”, which aimed to disrupt the opening ceremony. Paris cybersecurity teams have tapped the knowledge and experiences of the consultants who detected and disabled that threat. A Bug Bounty program has also sought to attract the time and skills of independent IT practitioners. 5. Education & War Gaming During the past two years, ANSSI has been “war gaming” cyber incidents with the International Olympic Committees’ IT partners, and deploying cyber defence education programs across the thousands of people responsible for operating the Paris Games’ IT systems. No News will be Good News The final word on Paris’s cyber preparations belongs to Jérémy Couture, who helms the official cybersecurity hub of the Paris Olympic games. Couture said his dream for the Olympics is that technology and cybersecurity won’t be talked about - because that will mean they were a non-issue. Sports fans around the world will be hoping his dreams become reality. Need a Local Expert? If – like the Paris Games - you’d like to tap local expertise keep cyber criminals at bay, please feel welcome to contact me, Bradley Copson ( mailto:bradley@gensys.com.au ). I’m always happy to have an obligation-free discussion, explain how simply we can transition you from outdated software and approaches, and offer you a zero-cost Proof of Concept. At Generic Systems Australia , we’re your local experts in secure Managed File Transfer. #MFT #managedfiletransfer #securefiletransfer #sft #cybersecurity #datatransfer Previous Next

< News Rate Rise Should Spur Rethink 13 Nov 2023 Following the Reserve Bank’s decision to further hike interest rates, it’s timely for business leaders to explore how they can minimise any negative impacts on their companies. Rowan Tracey, Partner at HLB Mann Judd , Australian businesses would need to “find efficiencies and cut operating costs”. “The Reserve Bank’s decision … will impact business margins, particularly small to medium businesses with high debt and low capital. The natural reflex for businesses is to raise prices to even out the balance sheet, which would be fine in a more buoyant economy. (But) rising fuel prices and cost of living already has many scrambling to find ways of cutting costs, including their current expenditure.” Rowan offers these alternative suggestions to businesses wanting to maintain margins without imposing price hikes: 1. Improve Productivity & Efficiency: Review processes and output and look at ways to improve or streamline your operations, such as automation of processes including business software. 2. Strategically Cut Costs: Review your current service providers and contracts and compare to the current market. 3. Revisit Your Banking & Financial Products: Look beyond the short-term and make sure the interest rate on your business loans is competitive. 4. Develop a Pricing Strategy : Look at ways to leverage or bundle existing goods and services. 5. Reconsider Your Supply Chain : Consider reducing risks by finding a domestic supplier to slash the costs of freight and storage. 6. Review Workforce Arrangements: Consider offering flexible work arrangements, nine-day fortnights, and training and development opportunities - particularly those subsidised by government. One way to address Item #1 (“Improve Productivity and Efficiency”) is to reconsider how your business transfers data. Moving data – between employees, with customers, and with your supply chain partners – is now a “core process” for every modern business. That makes it a target for improving efficiency and productivity. A Managed File Transfer solution, such as GoAnywhere MFT, is more cost-effective and efficient than having your staff waste time on old-fashioned and risky manual approaches. In fact, a study by Aberdeen Group found that businesses which invested a little in a professional Managed File Transfer solution had a median return of almost 500 times their investment! Generic Systems Australia are your local experts in file transfer technologies. Contact me if you’d like an obligation-free discussion , no cost trial, or Proof of Concept showing how GoAnywhere could boost your business’s productivity. Previous Next