Did you miss the AES Webinar on Cyber Criminals? This is a must read

As we move into an increasingly digitised world, the threat of cyber-attack is growing. Regardless of the size of an organisation, cyber-criminals can infiltrate your systems and target you for payment. Payments made to cyber criminals typically cannot be recovered, so it is vital that associations understand the risks and take action to strengthen their cyber security.

Evolving Threat

These days, cyber criminals are not normally individual hackers. Rather, they are complex entities, operating business models called Ransomware-as-a-Service (RAAS). These businesses have teams of people with specialised skills that create malware products to be sold on the dark web.

They partner with affiliates to sell RAAS software. The availability of these tools lowers the barrier for entry, increasing the number of affiliates entering the market. When cyber-criminals target victims, they will then demand a ransom payment. Often when the victim pays, the ransom is split between the affiliate and the criminal organisation.

Some well-known cyber-criminal organisations include Ryuk, Revil and Darkside. Darkside are known for the US attack that stopped 45 per cent of the oil supply to the East Coast region over six days, causing a petrol price hike and panic buying.

Cyber Crime in Australia

Cyber-crime is growing in Australia. The ACCC estimates that Australian businesses have lost over $850 million to scams in 2020, a 23 per cent increase on the previous year.

Many scams target individuals. For example, an estimated $328 million has been lost on investment scams, and $131 million has been lost to romance scams. However, of particular concern to businesses and organisations is the $128 million lost to business email compromise through payment redirection scams. The numbers are likely to be much higher, as many incidents and crimes are not reported.

The quantity of cyber-attacks is also increasing. From July 2019 to June 2020, the number of attacks increased by over 10 per cent. Most cyber security incidents come from malicious emails or compromised systems.

Phishing

Phishing is a form of cyber-attack. It uses an email disguised as something that the recipient wants or needs, such as a message from the government, their bank, or even a colleague. The email contains instructions to click a link or download an attachment.

Phishing is very common and is one of the oldest forms of cyber-attack. Phishing emails are becoming increasingly sophisticated with attackers able to create emails to look like a trusted brand, or an existing contact of the recipient. Good phishing emails will look very similar to genuine correspondence from organisations and can sometimes be hard to identify as fake.

Businesses and organisations should continually train their employees on phishing awareness and should conduct assessments to understand their risk.

Data Breach

Cyber-attacks often result in a data breach. A data breach means that a company or organisation’s data is stolen and published publicly on the dark web. Sometimes data is paywalled; other times, the data is freely available. Some well-known Australian companies that have been affected by data breaches include the AFL, Optus, Canva, Cabrini Hospital and Melbourne Polytechnic.

Cyber criminals will analyse leaked data for re-used passwords. When they identify a frequently used password, or a password that is used with minor alterations (e.g., Association1, Association10, Association1!), the attacker can launch an assault against an organisation’s email accounts by guessing the passwords.

One way to combat this is to use Multi Factor Authentication (MFA). This requires users to enter a password and a second method of signing in, such as a text message confirmation on their mobile phone. While a hacker may be able to access one source of identification like a password, it is unlikely they will be able to penetrate two.

Business Email Compromise

When cyber criminals access business email accounts, they look for potential invoices. They observe the nuances of communication within a business, and then hijack a conversation to request for payment to be made into an account they provide the details for. They can change the information on existing invoices or impersonate an employee and create a new invoice. 

Businesses can prevent this by implementing verification procedures for all payments. Phone calls, rather than emails, are a good way to check on information; hackers cannot impersonate employees on the phone.

Effect on Organisations

The damage from a compromised system can be more than just financial. Organisations that suffer a data leak risk breaching their clients’ privacy and facing a potential lawsuit. Data breaches can result in fines of anywhere from $1000 to $20,000. Additionally, an organisation’s reputation is damaged by a successful cyber-attack, resulting in loss of clients and impacts on their ability to conduct business with partners in the future.

Organisations need to understand the risks and be aware of any security gaps so that these can be addressed. Some mitigation strategies include having the latest version of anti-virus software and a firewall in place, ‘whitelisting’ (or approving for use) applications, and segregating networks.

Free Cyber Security Awareness Training

ITConnexion is offering free Cyber Security Awareness Training under the AusIndustry Grant Cyber Security Business Connect and Protect Program. This 10 weeks program is offered free of charge to SMEs with the aim to raise the cyber security awareness amongst their staff.

Your organisation must be an Australian SME or a Not-For-Profit organisation. There is a quota each month under this program and registrations will be processed on a first come first serve basis. However, priority will be given to Not-For-Profit organisations.

If you are interested in joining the program, you can register via: https://www.itconnexion.com/itconnexion-csat-program-2021-REGISTRATION/

GO BACK GO BACK