Cybercrime is becoming a major concern for many sectors, and the cyber-theft of personal data and intellectual property is creating inevitable security risks for businesses.
Cybercrime usually starts with a targeted attack against a single organisation or individual, but it can quickly escalate into mass-scale incidents that can cost millions of dollars and affect large numbers of people. It is important for organisations to understand their risks as well as the threats they face, so they can prepare and take steps to prevent any damage from occurring.
The Australian Cyber Security Centre’s cybercrime report for 2020-21 has now been released, and while cybercrimes are on the rise, the report, along with the Essential Eight maturity model, provides businesses with information and practices that could help stop them from becoming a cybercrime victim. It provides an overview of what the future might hold for businesses, especially those in the online space.
The report states that cyber crime is a global concern, and it’s important for businesses to adapt to the changing world of digital business. The Australian Cyber Security Centre report recommends that businesses should adopt a multi-layered defence model. This would require businesses to use advanced data analytics to identify and mitigate the risk of cybercrime.
The report also emphasised the need for companies to take proactive steps to spot potential cybercrime attacks and to invest in a CISO – Chief Information Security Officer – who will be responsible for managing and mitigating risks. However, for businesses to understand their cyber threat risk, they first need to understand what crimes they are most at risk from.
Most common threats in 2020-21
According to the ACSC, no Australian business or organisation in any sector is safe from a cyber attack, but there are certain factors and attacks that are escalating the urgency for businesses to implement a robust security strategy.
The pandemic has put the world into crisis mode, and it has created a hotbed of online exploitation. Threat actors have leveraged the situation to gain access to critical data and infrastructure through COVID-19-themed spear phishing emails. A spear phishing email can often be successful because it looks like it has been sent by a trusted sender, but it is actually set up by a threat actor with the intent of stealing your data or installing malware into your systems.
Ransomware attacks have seen a 15% increase over the 2020-21 period according to the report, and they remain one of the most common attacks on the cyber threat horizon. In a ransomware attack, a malicious actor gains access to your critical data and demands payment for its safe return. Payment, however, does not always result in retrieving your data in the same condition, if at all.
Speed is a characteristic that many threat actors boast, and this is not good news for businesses. Businesses are finding themselves in a catch-22 situation as they rely on the information superhighway to stay informed about things like security vulnerabilities, but that same information path also gives attackers the information they need to execute an attack.
The situation is made even more dire for businesses when a security vulnerability proof of concept (PoC) is also released as was the case with PrintNightmare. The vulnerability alert along with a PoC can allow attackers to penetrate your IT environment within minutes.
Along with ransomware, supply chain attacks are increasingly a common target for attackers. Every company uses a supply chain to some extent, and it is this network that could be your downfall. You may have the most robust security strategy in the world, but if a third-party software vendor somewhere along your supply chain does not, your business can be affected along with every other business in your supply network.
Business Email Compromise (BEC)
For most of us, we don’t question the legitimacy of an email from the boss or somebody else with authority within the company, and malicious actors are taking advantage of this as much as possible. BEC is a tactic that relies on this likelihood. An attacker will pose as a high-level employee in emails to try and defraud the company by eliciting people to make illegal transfers with their stolen identity.
Security is more than just anti-virus software
As we begin to realise that anti-virus software alone is not enough to keep us secure online, the ACSC has already done the legwork and compiled a list of effective mitigation strategies called the Essential Eight Maturity Model (E8). Australian businesses are now required to implement the E8 list to ensure they and their critical data remain safe and intact. However, there are 6 further actions that are strongly suggested by the ACSC.
Report ALL Attacks & Incidents
The more the ACSC knows about current cyber attacks and attempts to execute such attacks, the better off ALL businesses will be. Therefore, it is highly recommended that all attacks, attempts to attack, or other cyber security incidents be reported to the ACSC immediately, so they, and your business, can stay ahead of the game.
Become an ACSC Partner
Be the first to know about changes to and incidents in the area of cybersecurity by becoming an ACSC partner. The ACSC provides its partners with the necessary insights, advisories, and advice your business needs to stay secure online.
Know Your Networks
Knowing your networks means knowing exactly where your critical data and infrastructure is located. This information is essential in order to implement a security strategy that can protect your organisation entirely.
The ACSC recommends that businesses be aware of how inaction or delayed response can negatively impact their security posture. Known security weaknesses should be patched within 48 hours of discovery, but the faster this is done, the better. Software updates should also be done within 2 weeks of a manufacturer releasing the updates. A robust cyber incident detection and response plan should be implemented to act as a failsafe should patching and updating practices be delayed.
Manage & Monitor Your Supply Chain
Your supply chain can increase your chances of being a cybercrime victim, so it’s important to understand and evaluate your supply chain regularly. Regular management and monitoring of your supply chain will help your business be more proactive in your cybersecurity management and approach rather than reactive.
Preparation is key
It is better to be safe than sorry, so preparation is essential. Nobody wants to become a victim of cybercrime, but according to the ACSC’s report, your chances of not being one are getting smaller by the day, so you should be prepared. Be sure to implement incident response, business continuity, and disaster recovery plans, so your team knows exactly how to handle every situation.
Boost your security posture with an MSP
Although the future of cybercrime looks grim according to the ACSC, a managed service provider (MSP) will be able to help your business effectively weather the storm. With an MSP, you can be assured that you will have access to an experienced team of cyber security specialists that can set you up with a robust security strategy that is E8 compliant and boosts your security posture.
The team at Bespoke Technology can help, so contact them today to make sure your security is the best it can possibly be.