Monthly Archives: October 2015

Three basic IT security tips for small businesses

Millions of small businesses are vulnerable to cybersecurity attacks that can cost an average of $20,000 per attack. Here is some basic wisdom to help SMBs protect themselves.

databreach codes image screen

When massive organizations like Sony, Home Depot, and the Office of Personnel Management are hacked they grab equally massive headlines. Yet, while they rarely grab headlines, small and middle-market companies are particularly susceptible to hacks, said Chris Crellin, Senior Director of Product Management at Intronis, a data protection firm, because many SMBs can’t afford to employ a security team, or are uninformed of the risks posed by attackers.

“A lot of companies rely on the idea of ‘security through obscurity,'” said Crellin. “They’re focused on running their business and probably don’t spend a lot of time thinking about hackers.”

These attackers probably aren’t interested in any one particular small business, said Crellin, but they tend to rely on a shotgun strategy. “Small and middle-market businesses are targets because there are so many of them. It’s like a thief in a parking lot looking for one unlocked car.” If your organization is unlocked, he said, you’re a likely target.

Common methods of hacking—phishing, brute-force password attacks, keylogging spyware, and social engineering—can cost small and medium businesses thousands of dollars. According to the National Small Business Association 2014 year end report, both the frequency and cost of small and middle-market business hacks are on the rise. In 2013 the cost of an average cyber-attack for a small business was just over $8,000 per attack. In 2014, that number jumped to over $20,000.

When integrating your service with other web tools, Gary Chou, founder of New York-based incubator OrbitalNYC, strongly recommends using tested and widely-used services. For example, if your company needs to process payments, “don’t try to host solutions yourself,” he advised. “Keeping [services] patched and secure is a full-time job, which can be hard to do as a small business. Use a service like Stripe for payments so that you don’t need to store customers credit card numbers.”

Chou had three other basic security tips for small business owners:

1. Don’t assume anything is secure. “If you have something hackers want (e.g. passwords, bank account numbers),” Chou said, “they will find a way to get it. Be selective about the information you choose to store in a database, whether it’s sensitive financial information or confidential data around customers.”

2. Change company and personal passwords regularly. Use a password that is long and difficult to guess. Strong passwords can equate to stronger security. Password managers like 1Password and Dashlane store and manage the keys to websites you visit frequently. A few bucks for an app, said Chou, can save thousands over time.

3. Use Open Source solutions whenever possible. “If you’re building a technology product, the value—and security—of open source projects is critical. [Open source projects] are most likely to find and quickly patch any discovered security flaws,” said Chou. “You can build faster and stay secure on reliable open source code.”

For many small and middle-market businesses the true cost of good security is time. But technology experts like Chou say good security doesn’t have to be expensive, and security best practices can be implemented for free or at low-cost. “Don’t try to simultaneously be a technology company alongside your core business,” he said.

Chris Crellin agrees: “Good security can be expensive, but locking your ‘car’ is free and can save your company a lot of money in the long run.” (8)

Henry Sapiecha

Cyber Security: It’s not if, but when!

Published on Dec 4, 2014

Learn from Bret Arsenault, Microsoft VP and CISO, as he presents a practitioner’s view on the Microsoft environment. He will share how the organization works together to protect the enterprise and our customers, and how we collaborate with and leverage partners like HP in this journey. Bret will address the issues, threats and risks we face in today’s rapidly evolving security and cybercrime landscape – and how he communicates with executives on these key topics.


Henry Sapiecha

HP Security: Disrupting the Cyber Kill Chain – YouTube


HP and FireEye: Strengthening IT Security

Defense is an important part of any enterprise IT security strategy, but it is no longer enough to rely on a strong perimeter.

Today’s cyber criminals are sophisticated and organized. Specialists hunt out alternative routes into your systems. They pass that information on to others who lurk inside looking for opportunities to exploit internal weaknesses.

Fighting a Security Epidemic

They can stay in your systems for months, or even longer—according to Mandiant’s M-Trends 2015 Threat Report, the longest undetected breach was over eight years.

Cyber criminals have changed their approach and that brings with it increased risks. They are after money or data they can sell on the black market. According to the Ponemon 2014 Global Report on the Cost of Cyber Crime, the average cost of an attack in 2014 was $7.6 million, but that’s only the start.

Governments now impose heavy regulatory fines on companies not taking due care to prevent loss of personal data. Similarly, security breaches can mean companies fail to meet contractual obligations, which then leads to litigation. Around the world, HP has specialists to help clients meet their specific regulatory and compliance issues.

Compromised systems hurt organizations in other ways, as well—for instance, customers and investors can lose confidence. The market capitalization of an enterprise can drop 30% following a breach, which means the risk is more than just the amount stolen—an attack can push a business to the wall.

Meanwhile, the main threat has moved on from penetration. You can’t assume it is always possible to stop breaches. Instead you need to minimize the damage that can be done once the bad guys are inside your systems and build resilience so you can recover quickly from any attack.


HP Enterprise Security understands this new threat landscape. We focus on disrupting attacks before they begin and then act at every stage throughout the security life cycle.

That’s why, in April 2015, HP formed a partnership with FireEye. The company specializes in protecting organizations against advanced security threats. FireEye has a track record of dealing with some of the most serious cyber attacks on corporations.

Working together, HP and FireEye offer three services to reduce the business risk from online crime:

Global Incident Response: HP works with FireEye’s Mandiant operation to investigate, assess and resolve cyber security events. These range from single-system compromises to enterprise-wide intrusions. The service pulls on Mandiant’s decade-long history of responding to advanced attacks.

Advanced Compromise Assessment: HP and Mandiant act jointly to provide the security industry’s most advanced compromise assessment.

Managed Advanced Threat Protection Services: An around-the-clock security monitoring service looking for indications that an attack has bypassed conventional perimeter defenses. This calls on experienced HP and FireEye threat analysts who work as an extension of the client organization’s cyber security team. They’ll provide the insight and intelligence to see off attackers who are already inside your network.

HP’s FireEye partnership gives you the capability to decrease IT and business risk, reduce exposure to active threats and establish effective, fast remediation. HP Enterprise Security offers a complete suite of products, security consulting and managed security services. It works with customers to build defenses, put appropriate response plans in place and then monitor and respond to security events as they happen. FireEye brings industry-leading technology, intelligence and expertise. Together they add up to the most advanced cyber security protection available today.


Henry Sapiecha

UK refuses to reveal how many lawmakers are under surveillance

UK Home secretary Theresa May did confirm that members of devolved parliaments and the European Parliament are not subject to wiretap protections.

UK home secretary Theresa May speaking on BBC radio image

UK home secretary Theresa May speaking on BBC radio (Image: BBC/Twitter; file photo)

The UK’s home secretary Theresa May has refused to confirm how many fellow lawmakers have had their communications intercepted by British intelligence agencies.

In a brief confrontation in the parliament’s House of Commons on Monday, fellow Conservative Peter Bone MP said May’s refusal to answer was an “indication” that some members of parliament (MPs) have been subject to surveillance by UK intelligence agencies.

The emergency session follows a ruling last week that determined the so-called Wilson Doctrine, a promise made by former prime minister Harold Wilson that said members of parliament won’t have their mail opened or phones tapped by the intelligence agencies without his direct knowledge, was no longer valid.

May said the doctrine “still applies,” but confirmed that devolved members of parliament in Scotland (MSPs), Wales, and Northern Ireland, as well as members of the European Parliament (MEPs), are not protected by the doctrine.

Joanna Cherry MP, a Scottish member of parliament, criticized May’s response, asking why the government thinks the Scottish parliament is “less deserving” of the doctrine’s protection. She added that the home secretary’s “caveated” comments about the doctrine in 2014 suggested the doctrine may have been partly suspended around the time of the Scottish national independence referendum, a national vote that saw Scotland remain as part of the United Kingdom.

Caroline Lucas MP, who brought the case under debate to the Investigatory Powers Tribunal, said lawmakers had been “misled” over the level of protections MPs are afforded under the doctrine.

Doctrine ‘cannot work sensibly’

Until last week, the doctrine was kept in force by every prime minister since Wilson, but was expanded in 2002 when former prime minister Tony Blair said the doctrine applied to “all forms” of communications.

But last week, James Eadie QC told the Investigatory Powers Tribunal (IPT), which hears complaints against the intelligence agencies, that the doctrine “simply cannot work sensibly” in an age of bulk data collection and mass surveillance, and did not have the force or weight of the law.

The IPT said that the UK’s spy agencies MI5, MI6, and GCHQ — the eavesdropping agency whose activities were detailed in an extensive range of documents leaked by whistleblower Edward Snowden — have their own separate policies that do not require for the prime minister to be informed where parliamentary communications were collected.

MPs were quick to respond with anger, amid concerns that emails sent to and from parliamentary offices may have been collected or spied on.

In a letter to the prime minister David Cameron, Scottish first minister Nicola Sturgeon asked for clarification, arguing “the confidentiality of communications between parliamentarians and their constituents is of the utmost importance,” according to The Guardian.

MPs not ‘above the law’

Many of the lawmakers on Monday argued that the need to protect their communications from surveillance was to protect whistleblowers, and not about driving a wedge of privilege between them and the public.

David Davis MP, a Conservative politician known for being pro-civil liberties, and who has almost always voted against requiring the mass retention of information about communications, said MPs need the doctrine’s protections against government surveillance because their job is to “hold the government to account.”

He argued that MPs often “deal with campaigners, journalists, whistleblowers, and our own constituents” in bringing to light wrongdoing disclosed by members of the public, including police and public-sector workers, and employees of big corporations.

Chris Bryant MP, who called for the emergency debate following last week’s ruling, argued that MPs “cannot ever be above the law,” a sentiment echoed by others, including the home secretary.

Bryant, a Labour MP with a long record of voting in favor of data retention and communications collection legislation, accused May of withholding any public statement about a change in the doctrine’s standing because it wasn’t “compatible” with the current state of national security.

Davis, in agreement with Lucas and others, said the the doctrine must be enshrined into law.

May will “soon” introduce the so-called “snoopers’ charter,” first mentioned earlier this year in the Queen’s annual speech.

Known as the Investigatory Powers Bill, the Conservative government said the draft law would give authorities “tools” to keep the public safe by addressing gaps in existing intelligence gathering.

Dominic Grieve MP, chair of the Security and Intelligence Committee which oversees the intelligence agencies, said the committee will examine how parliamentarians will be treated under the new draft bill.


Henry Sapiecha

State-sponsored attack? Facebook will now tell you ‘You’ve been hacked’

Just don’t expect Facebook to reveal how it knows when government hackers are coming after you.

facebook logo sign image

Facebook has started to notify users when it suspects they’ve been targeted by government-sponsored hackers, rather by than run-of-the-mill cybercriminals.

“Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state,” Facebook’s chief security officer Alex Stamos said in a Notes post on the weekend.

A state-sponsored hacker alert. Image: Facebook

The notification users will see when Facebook detects that they are probably being targeted by a state-sponsored hacker advises them to turn on its two-factor authentication feature, Login Approvals, which requires the user give Facebook their phone number.

Facebook sends users a login code to the person’s phone the next time it detects an account has been accessed from a new device or browser.

“We decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts,” Stamos said.

Facebook won’t be revealing how it tells when a state-sponsored hacker is targeting a particular user, although there are numerous pieces of known malware that are suspected to have been created by government-backed hackers, such as the Stuxnet, thought to have been built by the US, Duqu, DarkSeoul, supposedly from North Korea, China’s ShadyRAT and Russia’s The Dukes malware.

“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion,” Stamos said.

The new hacker alert notifications join Facebook’s other security efforts, such as its security check-up tool, and teaming up with several antivirus vendors to offer online malware scanning and clean-up tools.

Facebook earlier this year said it helped clean up two million infected PCs after using a “combination of signals” to find the infections. While helpful at cleaning up malware, some users have objected to being locked out of their accounts until they download anti-malware from Facebook’s partners.


Henry Sapiecha


ASIO, Crime Commission granted access to photographs of NSW citizens to aid terrorism fight

The release of photographs must abide by any protocol approved by the Privacy Commissioner image

The release of photographs must abide by “any protocol approved by the Privacy Commissioner”. Photo: Andrew Sheargold

Australia’s peak security agency and the NSW Crime Commission have been granted virtually unfettered access to hundreds of thousands of photographs of NSW citizens to bolster their ability to investigate planned and actual terrorism acts.

The NSW government has authorised the release of photographs taken of people who are granted an extensive range of licences and permits to the Australian Security Intelligence Organisation (ASIO) and the state crime commission without a warrant or court order.

They include photographs for licences and permits for firearms, to work in the security, private investigation and debt collection industries and applications to operate tattoo parlours.

But the change also applies to photographs taken for licences for tradespeople, real estate agents, contractors, pawn brokers, second hand dealers, motor dealers and repairers, strata managers and importers and exporters.


It also allows release of photographs taken for the issuing a Photo Card – a voluntary proof of age card available to NSW residents over the age of 16 who don’t hold a driver’s licence.

The photographs are stored by the state government agency Roads and Maritime Services (RMS) but, until now, RMS has only been permitted to release drivers licence photographs to ASIO and the crime commission.

The extra access was granted by the NSW government on Friday, almost three weeks after the killing of police accountant Curtis Cheng at Parramatta by radicalised teenager Farhad Khalil Mohammad Jabar.

The regulation says that the photographs “or any photographic image or other matter contained in any database of such photographs” may be released to ASIO or the crime commission for “investigation of a terrorist act, or a threat of a terrorist act”.

The release of photographs must abide by “any protocol approved by the Privacy Commissioner”.

But the president of the NSW Council for Civil Liberties, Stephen Blanks, said there was no need for the change.

Mr Blanks said people expected their personal information only to be used for the purposes which they agree to hand it over to the government.

“With a single stroke of a pen the government says it doesn’t matter you gave you information on that basis, we’re going to make it available on some other basis,” he said.

“The security agencies needing data in order to foil potential attacks can be done quite properly and adequately through the existing warrant system,” he said.

“That gives an independent oversight of the process and makes sure the access process is not abused.”

An RMS spokeswoman said the change was “designed to assist security agencies and law enforcement carry out their investigations” and the request “was not made in relation to any specific incident”.

“This is one of the measures the government has taken to improve security and co-operation between its agencies,” she said.

“Roads and Maritime respects and values the privacy of NSW citizens and will give access solely for the lawful purpose of assisting security agencies and law enforcement with their investigations.

“In addition, this access is not made available for commercial or marketing purposes.”


Henry Sapiecha

ASIO on the brink: the story behind the dismissal, told by its own documents

Members of the executive council met with the Governor-General, Sir John Kerr, at Government House. From left, Gough Whitlam, Sir John Kerr, Tom Uren, Kep Enderby and Jim Cairns image

Members of the executive council met with the Governor-General, Sir John Kerr, at Government House. From left, Gough Whitlam, Sir John Kerr, Tom Uren, Kep Enderby and Jim Cairns. Photo: Fairfax Library

The last year of the Whitlam government was one of turmoil and controversy, culminating in its dismissal by the governor-general, Sir John Kerr, on November 11, 1975. It was also a tumultuous year for ASIO, with the Whitlam government directing that relations with US intelligence were to cease, and with the sudden resignation of Peter Barbour as director-general of security. Meanwhile, the Royal Commission on Intelligence and Security, headed by Justice Hope, had begun its inquiries. ASIO knew that its outcome would have a fundamental effect on its structure, operations and perhaps even existence.

Ever since coming to office, Whitlam’s apparent challenging of the future of US facilities at Pine Gap, his condemnation of the American bombing of North Vietnam and his perceived soft stance on Eastern bloc issues was reported to have rankled American officials deeply. Whitlam was known to have a deep antipathy to the widely alleged US involvement in destabilising left-wing governments, and their apparent involvement in the overthrow of the elected Salvador Allende government in Chile in September 1973 was a case in point.

Whitlam was so unhappy with the closeness of ASIO’s ties with its US partners that he gave instructions to Barbour to sever them. But Barbour felt this would be harmful to the nation, causing damage to critical intelligence links with the United States. Barbour decided, therefore, to maintain informal contacts with the United States government. His striking stance revealed a surprising level of courage and inner strength – something detractors accused him of lacking.

Another broken window at the ASIO headquarters in Canberra image

Another broken window at the ASIO headquarters in Canberra. Photo: Jamila Toderas

The US intelligence community had been uneasy about the Whitlam government since its election in December 1972 and had expressed concern about the incoming government’s policies. Indeed Nixon and Kissinger’s national security study of mid-1974 was instigated as a result of these concerns, yet did not trigger any attempt at underhanded interference in Australia’s political process. By early 1975, however, US concerns had become more intense.

While much of the following story is about the US intelligence community and the Australian government, it needs to be told in some detail because of false allegations that ASIO was working in response to US intelligence direction and not on behalf of the Australian government, and that US intelligence was implicated in the dismissal of the Whitlam government.

With the resignation of Barbour [in September, 1975], Whitlam was eager for change within Australia’s intelligence and security agencies. Whitlam had lost faith in his intelligence chiefs and was eager to review their organisations methodically and rigorously. In the meantime, Whitlam took further steps that unsettled ASIO officers.

Spies come in from the cold. An aerial view of the ASIO building image

Spies come in from the cold: An aerial view of the ASIO building. Photo: Jay Cronan

On October 22, ASIO was asked to provide a list to the Department of the Prime Minister and Cabinet of all CIA officers in Australia over the previous 10 years. The reply from ASIO did not include Richard Stallings, thought by Whitlam and [journalist Brian] Toohey to be a former CIA officer, who apparently contacted Toohey with allegations of CIA activities in Australia in the 1960s.

Without seeking official confirmation Whitlam declared that Stallings was a CIA operative and that he had been in charge of establishing the Pine Gap installation in the 1960s – a facility managed, on the Australian side, through the Department of Defence, not by ASIO. This may have in part explained Stallings not being known to ASIO. Stallings happened to have rented a house for a short while in 1967 from then minister for the interior and National Country Party leader Doug Anthony. Whitlam played on this, accusing the CIA of having made politically motivated financial contributions. Whitlam provided no evidence to substantiate his accusations. In the meantime, stories about CIA links and conspiracy theories abounded, with more than 16 articles on the topic appearing in the week leading up to Kerr’s dismissal of the Whitlam government on November 11.

On November 4 the US ambassador approached Whitlam and categorically denied that the CIA had passed funds to any organisation or candidate for political office in Australia, nor, he claimed, had any other US government agency done so.

the asio building parkes way image

Filling up: The ASIO building on Parkes Way. Photo: Graham Tidy

Strong public denials that the CIA had taken any part in Australian politics were sent out from the director of the CIA, William Colby, as well. Still, Whitlam repeated the allegation that he knew of two instances in which CIA money had been used to influence domestic Australian politics.

Records maintained by ASIO’s senior liaison officer in Washington reveal that he was called to see the East Asia Division chief, Theodore “Ted” Shackley, on November 8 and given a message to pass to ASIO’s interim Director-General, Frank Mahony​. The senior liaison officer recounted to ASIO the essence of Shackley’s remarks in a cable. In it he relayed Shackley’s concerns that with several people publicised “it is not possible for the Americans to continue to deal with the matter on a no comment basis”. He further reported they were “perplexed at the point as to what all this means”. Did this signify some change in the bi-lateral intelligence security related fields? They could not see how this dialogue with continued reference to them could “do other than blow the lid off those installations in Australia where the persons concerned have been working and which are vital to both of our services and countries particularly the installation at Alice Springs”.

The senior liaison officer reported that the Americans now felt it necessary “to speak also directly to ASIO because of the complexity of the problem”. They wanted to know if Headquarters ASIO had been contacted or involved. They could “understand a statement made in political debate but constant further unravelling worries them”. They asked: “Is there a change in the Prime Minister’s attitude in Australian policy in this field?

Former controversial head of ASIO Peter Barbour.image

A key point the senior liaison officer flagged in his cable was that in his view this message should be seen “as an official demarche on a service to service link”. He went on to say: “It is a frank explanation of a problem seeking counsel on that problem.” He advised that the Americans felt that everything possible had been done on a diplomatic basis and “now on an intelligence liaison link they feel that if this problem cannot be solved they do not see how our mutually beneficial relationships are going to continue”. He went on to say the Americans felt “grave concerns as to where this type of public discussion may lead”. The Director-General “should be assured” that they “do not lightly adopt this attitude”. It would not be long before it was leaked to the press.

This cable or demarche relaying the message from Shackley​ was received at Headquarters ASIO on November 9 and a copy was sent to the Secretary of the Department of Defence, Sir Arthur Tange. A copy of the message also was passed by Mahony to Whitlam at Tullamarine Airport on the afternoon of November 10. (The content of the Shackley cable was later confirmed in Parliament in 1977 by Whitlam who, as Opposition Leader, read it into Hansard. He declared, “in plain terms that cable revealed that the CIA had deceived the Australian government and was still seeking to continue its deception”.)

On November 10, Mahony wrote a response to the senior liaison officer in Washington that seemed to avoid directly addressing Shackley’s immediate concerns. Whitlam personally approved the cable and directed that the texts of his “relevant public statements be conveyed to Washington”. The letter states: “The Director-General draws attention to the Prime Minister’s reply on 16 April 1973 to the assurances sought by Mr Schlesinger namely that no changes are intended with regard to protecting US information and any clearance procedure and that service to service information has been and will be protected.”

The Official History of ASIO book image
The Official History of ASIO. Photo: supplied

Whitlam’s cable reached Washington on November 11 and was passed to Shackley, who stated that in view of that message and in the light of the Prime Minister’s remarks on the television interview on November 6, he was “consequently assured that no policy change vis-a-vis intelligence relationships had taken place”. This is a highly contentious view that needs to be examined in the context of the following observations. What actually transpired during this period is riddled with controversy, and journalists have taken positions that simply do not correlate with the official records reviewed by the author or of the views of those involved.

Journalists Brian Toohey, John Pilger​ and William Pinwill​ have claimed that Tange ensured that his Chief Defence Scientist, John Farrands, briefed the Governor-General by telephone on the “security crisis” over the weekend of November 8-9 and that the dismissal was a result of this information. But years later, interviewed by the press, Farrands, Tange and Kerr categorically denied the assertion. Kerr remained adamant, saying, “I did it myself. I sacked Whitlam. Nobody else did. Nobody else inspired me to do it, nobody else asked me to do it”. Tange similarly dismissed the conspiracy theorists as “false and defamatory”.

After the dismissal of the Whitlam government, the former opposition leader, Malcolm Fraser, became leader of a caretaker government in the period before the general election due to be held on December 13.

Fraser went on to win the election by a large margin, a result that removed the uncertainty hanging over the US intelligence community’s relationship with ASIO, as subsequent events would demonstrate.

In January 1976, the senior liaison officer in Washington had another meeting with Shackley, which the officer described as “primarily of a social nature only”. There, Shackley declared, “I hope they don’t think we’re as bad as we appear to be”. The senior liaison officer reported that “Although this was said lightly, I gained the impression that it was meant almost apologetically”, and that the Americans really wanted to be assured that the incident had not damaged relations with ASIO. The officer noted they were “very concerned about the publicity involving Pine Gap because it was ‘getting too close to the truth’.”

According to one assessment, the Shackley cable was probably the most serious note passed to Australian authorities in the history of bilateral relations between Australia and the United States – a virtual ultimatum to Mahony as Director-General of ASIO to do something. Tange was less worried, later describing this as a telex “fired off by a ham-fisted American intelligence official extravagantly predicting serious consequences for Australia’s relations which could follow the Prime Minister’s disclosures”.

Journalist Brian Toohey later reckoned that in light of wavering Liberal Party determination in mid-November to continue blocking supply in the Senate, “the only serious purpose served by the commotion created by the CIA was to help Kerr make the decision that suddenly reversed the tide that was running Whitlam’s way”. Also weighing on their minds, he argued, was “that the agreement allowing Pine Gap to operate in Australia fell due for renewal on December 10, 1975”. Whitlam later declared, however, that he saw this as a non-issue, as he had earlier made it clear that the government intended the facility to continue being operated jointly in accordance with the agreement.

The demarche was taken by public commentators to be “a sort of prima facie evidence of US interference in the Whitlam government”. Some claimed the US approach to ASIO for information on events in Australia was “an understanding that ASIO had obligations of loyalty to [them] before its obligations to the Australian government”. There is no indication to that effect in the ASIO records. Indeed, on the face of it, the cable outlined policy options and consequences that were understandable under the circumstances from the point of view of US policy makers seeking to protect US intelligence interests. The cable relayed a message that was explicit and disconcerting, but not underhanded.

Reflecting on the rumours of US destabilisation of Whitlam and the aspersions cast upon Kerr, Fraser later maintained that the stories were “crap, total crap”. Similarly, Whitlam later observed “It is not a fact, however, that Kerr needed any encouragement from the CIA”.

A meeting arranged between Whitlam as Opposition Leader in July 1977 and President Jimmy Carter’s Deputy Secretary of State, Warren Christopher, has been cited as possible evidence of the conspiracy theorists being correct. At that meeting, Christopher is reported to have relayed a message from Carter including a remark that “the US administration would never again interfere in the domestic political processes of Australia”. Christopher’s remarks are perfectly understandable in the context of the Shackley demarche – which Whitlam made a point of reading into the official records of Parliament in 1977.

In 1982, the Wall Street Journal accused the CIA of having used the Nugan Hand Bank, which had collapsed amid controversy in 1980, as a funding mechanism for covert action and narcotics trafficking, and as a conduit for funds to assist in overthrowing the Whitlam government. The report claimed that ASIO was implicated. American intelligence officials met with the Counsel to the US President’s Intelligence Oversight Board in August 1982, and strenuously denied the allegations.

During the period the Whitlam government was in power, an American contractor and cipher clerk with the American aerospace corporation TRW, Christopher Boyce, reportedly operated a sensitive and classified telex machine on a CIA network in the United States. Boyce later gained notoriety and fame in the news and in the movie The Falcon and the Snowman for his apparent role in selling secrets to the Soviet Union – a move he claims to have taken out of disgust over how the US government was deceiving Australia and undermining the Whitlam government, which he said it perceived as a threat.

Boyce claimed there were “references to your Governor-General” by the CIA officers who worked with Boyce, describing Sir John Kerr as “our man Kerr”. Boyce’s assertions have not been corroborated, and his other allegations consistently maintained a position sympathetic to the Soviet Union and highly critical of the United States. Boyce’s actions, demonstrably motivated by financial gain, cannot be taken as proof that the CIA was acting in the manner he claims.

The CIA’s apparent involvement in Australia clearly generated enormous controversy. Justice Hope recognised this and made his own inquiries to determine the veracity of many of the claims. In 1976 his top-secret special supplement to the Fourth Report on the Royal Commission on Intelligence and Security was released for very limited distribution. In it he wrote that ASIO had no evidence of undeclared activity in Australia by the Americans against Australian targets.

Much of what Hope had written in the special supplement remains closed to public access. Perhaps the earlier release of his findings may have helped mitigate or dispel some of the conspiracy theories that would reverberate in the months and years after the dismissal of the Whitlam government.

This chapter presents as clear a picture of what actually transpired as possible from the ASIO records. That picture, while troubling, is not nearly as controversial as some of the deepest conspiracy theorists would like to believe.

This is an edited extract from The Protest Years 1963-1975, The Official History of ASIO (Volume II) by John Blaxland. Allen & Unwin. $49.99 (8)

Henry Sapiecha


A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. REUTERS/Kacper Pempel/Files

Russian hackers had infiltrated Dow Jones & Co to steal information to trade on before it was made public, and the breach was “far more serious than a lower-grade intrusion” disclosed by the company, Bloomberg reported, citing sources.

The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation, which began at least a year ago, Bloomberg reported. (

“We have received no information from the authorities about any such alleged matter,” Dow Jones spokeswoman Colleen Schwartz said in an email, adding that the company was looking into the report.

Dow Jones, the publisher of the Wall Street Journal and a unit of Rupert Murdoch’s News Corp, disclosed last week a breach of its systems that put payment card and contact information of about 3,500 individuals at risk.

Dow Jones had said that there was unauthorized access to its systems at certain times between August 2012 and July 2015.

“We are aware of the Dow Jones intrusion and looking into it,” FBI spokeswoman Kelly Langmesser said via email.

Langmesser added that she could not confirm anything else in the Bloomberg report.

The hackers sought information including stories being prepared for publication, Bloomberg said on Friday, citing two people familiar with the investigation.

The Secret Service could not be immediately reached for comment on the Bloomberg report. The SEC declined to comment


Henry Sapiecha


Visa and FireEye bolster security partnership with new threat intelligence service

This service includes a Web portal where Visa clients can share and view cyber intelligence, forensic threat analysis from recent data breaches, and information on malicious software.

glowing-keyboard-hacker-security-black blue image

Visa and FireEye are stepping up their partnership for payments security.

After first teaming up in June on the launch of a secure cyber-threat sharing community, the companies today announced an overall expansion of their cybersecurity offering, now being dubbed Visa Threat Intelligence, Powered by FireEye.

The practice of cyber-threat sharing is gaining support in both the retail and tech communities, and also in Washington. Last year the National Retail Federation created its own cybersecurity cooperative to help retailers share threats with each other, as well as with government agencies, law enforcement and partners in the financial services sector.

In March, the House of Representatives Intelligence Committee introduced a bill which would make sharing cybersecurity data easier for companies by removing the prospect of potential litigation.

The bill has received some pushback by security experts, however. In April, a group of security specialists said threat-sharing is already possible without the need of legislation, and that the bill could actually make it harder to spot the clues that can prevent further attacks.

For more sophisticated users, the companies are offering APIs that can automatically feed threat indicator data into a company’s own security system. FireEye is also throwing in its virtual execution engine technology to help businesses proactively identify malicious malware from IP addresses and domains.

Previously, the partnership between the companies was branded as the Visa and FireEye Community Threat Intelligence offering, and it seems as though the threat-sharing community is now folded into the broader security product.

As was the case before, the service is geared toward retailers and card issuers, with the latter referring to banks that issue Visa-branded debit and credit cards. Picture a CIO from one Visa client uploading threat and malware information to the web portal, and another CIO having access to that information within an hour.

According to Visa, the ultimate goal with the program is to identify a breach, or a potential breach, before data can be used or compromised.


Henry Sapiecha

Cyber Threats Not Stopping Any Time Soon it is said

hooded hacker at work on computer image (2)

It has been an interesting couple of weeks in the realm of cyber security, particularly for government agencies.

The IRS was the target of an attack and the Office of Personnel Management (OPM) was chided by politicians for what they called “gross negligence” in an attack last year that was only recently revealed.  The OPM is accused of failing to adhere to even basic cyber security practices as hackers linked to China stole a bevy of private information about federal employees.  It is being called one of the worst government data breaches in history.

See More: Dealing with Disasters at Dell: Lessons Learned and Solutions Found

Of course, the private sector has seen its share of data breaches and cyber attacks as well.  The St. Louis Cardinals are alleged to have breached the database of the Houston Astros, gaining access to scouting reports and other information regarding potential trades.  Across the globe, a Polish airline had to delay and cancel flights because their computer systems have been compromised by a hacker.

It’s yet another reminder for business continuity professionals that these attacks aren’t going away and are almost surely going to become more common, more damaging and more difficult to stop.

Part of what makes cyber attacks a challenge to deal with is the fact that they can come from anywhere.  Competitors, random attackers, even other nations are a potential threat and with different kinds of attacks with different levels of severity.  Unlike many other things that BC pros plan for, it is difficult to stay a step ahead of cyber criminals because when one kind of attack is shut down, they can switch to another.

On one hand, the looming cyber threat can be used to help garner support for a business continuity program.  It is an emerging issue in so many industries and as these data breaches continue to make the news, executives are starting to pay attention.  However, because these types of attacks are relatively new, they can force organizations to change the way they think and act.  Business Continuity professionals come from a wide range of backgrounds and not all of them have extensive computer knowledge.  Some may want to bring someone who does to their team, but how feasible is that with limited resources and budget?

The bottom line is cyber attacks and data breaches are going to continue and business continuity professionals must find new and innovative ways to combat them.  There isn’t any business or government organization that isn’t threatened by these attacks in some way.


Henry Sapiecha


Henry Sapiecha