The fifth annual AusCERT survey, which was compiled in partnership with the Australian High Tech Crime Centre (AHTCC), the Australian Federal Police (AFP) and various state forces, revealed that of all the organisations which admitted to having been infected with malware -- such as a Trojan or rootkit -- 60 percent were government departments or agencies while the remaining 40 percent were commercial enterprises.
AusCERT's general manager Graham Ingram told ZDNet Australia that he was surprised public sector organisations were being hit so hard -- especially because cybercriminals looking for financial gain generally target commercial organisations.
"That is really difficult to explain... anecdotally the private sector would be more heavily attacked than the government sector -- firstly because of the money," said Ingram, who speculated that the strategy has changed in order to steal information that could aid identity theft. "There is a now a very obvious change in the strategy -- to try for identification information to facilitate fraud."
"There is a conundrum there. It could well be that government systems generally retain a lot more information on identification," Ingram told ZDNet Australia.
Frost and Sullivan Australia's security analyst, James Turner, agreed with Ingram.
"When you boil it all down, governments exist for the people, whereas companies exist to make money. So, criminals are going to attack them to achieve different outcomes," Turner told ZDNet Australia. "The government will inevitably have more complete information on individuals that a company will. Further, access to government information systems could help a criminal in establishing false credentials".
Identity theft is one of the fastest growing crimes in Australia and according to Attorney General Philip Ruddock, it has already cost the domestic economy more than AU$1 billion.
At an ID Management conference in Sydney earlier this year, Ruddock said that ID theft has a "devastating emotional and financial impact" on its victims: "There can be no greater invasion of a person's privacy than the theft of their identity".
AusCERT's Ingram said the amount of attention directed at government was a concern: "Certainly the level of targeting of government systems could well be a significant issue".
"revealed that of all the organisations which admitted to having been infected with malware "
Isn't the key here the "which admitted"?
Private sector organisations have a vested interest to withhold information about ANY possible infection of malware lest shareholders/clients etc get jittery, whereas Public sector orgs have no such driver.
So, how does the data reported relate to what's really happening in the world???