Post Covid-19, digitalization has seen a renewed surge. In light of this increased activity, businesses use and share information with their customers, clients and other third-party vendors. However, this opens up multiple avenues for cyber security threats, and, needless to say, the digital world is under attack, with network breaches and cyberthreats happening hundreds of times a day in Australia and throughout the world.
According to cyber.gov.au, the most recent annual report states that the ACSC received over 67,500 cybercrime reports, an increase of nearly 13% from the previous financial year. That equates to one reported cyber-attack every 8 minutes, with a higher proportion of these incidents categorised as having a ‘substantial impact’.
What type of Threats?
So, what are the cybersecurity threats that businesses in Australia face? Alkon Cyber Security, formed in Israel by expert IT leader Omer Yerushalmi, has recently opened a branch in Australia to service the growing need for A-grade cyber security.
Michael Ben-Zaquen, Senior manager of Alkon Australia says, “From what we have seen in the last six months, hackers are getting more creative and business owners are not prioritising cyber security. This is a dangerous combination. It doesn’t cost much to arrange a ‘health-check’ of business IT security, but it is invaluable for all parties.”
“It seems that Melbourne businesses recovering from COVID are simply overlooking this aspect of their operation, especially small to medium businesses. The outcome of cybercrime can be devastating,” Michael advises. Law firms, insurance agents, tax consultants, accountants, real estate companies, banks, financial lenders and brokers, and any business owners who hold a database of confidential client information are required to meet the conditions of government regulations.
The Australian Cyber Security Centre (ACSC), which leads the Australian Government’s efforts to improve cyber security, advises that cyber security is everyone’s responsibility and provides specialised advice about how to protect your business online.
- Leaked information: Cyber hacking, back door entry and stealing of sensitive information from your database and online systems
- Ransom demands: Threats of theft or distribution of information, computer downtime and costly ransom payment demands
- Hostile Code: Implantation of software viruses into computer systems causing varying degrees of damage
- System Disabling: Destroying the operating system and in turn, the ability to function productively as a business
- Phishing: Planting illegal software on the computer which transmits passwords for unauthorised access to a user’s system
Beyond the day-to-day monitoring and intelligent upgrading of software and systems, Alkon also provides essential ‘employee education’ to empower personnel to practise safe digital behaviour and recognise any red flags. In unison with other worldwide organisations, the ACSC outlines what a cyber security company and its customers should do to ensure best practice when handling and securing sensitive business and customer information.
Prevent initial compromise – Improve security of vulnerable devices, protect internet-facing services, defend against brute force and password spraying, and safeguard against phishing attacks.
Enable / improve monitoring and logging processes – It can be months before cyber incidents are detected, so it is important to store logs for at least 6 months. The security provider should implement endpoint detection and network defence monitoring.
Enforce multifactor authentication (MFA) – To secure remote access applications, businesses should use 2FA or MFA across all customer services and products as well as for privileged internal accounts.
Manage internal architecture risks and segregate internal networks – The security provider should assess systems and strategically segregate the networks, isolating critical business systems where appropriate, to reduce the impact of a cyber-attack or compromise.
Apply the principle of least privilege – In small to medium businesses, and of course in large-scale organisations, it is essential to assign relevant privileges to internal personnel using a tiered model. Additionally, certain devices can be set up with relevant access levels. For those with full privileges, time-out settings can be applied.
Deprecate obsolete accounts and infrastructure – Regular or periodic review of user accounts when personnel transition, as well as network infrastructure audits to identify and disable unused services and systems.
Apply Updates – Software, including operating systems, applications, and firmware, should be periodically updated. Priority should be given to software containing known exploited vulnerabilities.
Backup systems and data – Update and test backups on a regular basis to ensure ease of critical system rebuilding in a cyber crisis. Storing these backups separately is recommended, using encryption backup technology, which is the only foolproof way to safeguard against ransomed file attacks.
Understand and proactively manage supply chain risk – Cyber security companies inevitably need to adopt programs and services designed by third-party vendors and subcontractors. This needs to be communicated to customers and proactively managed throughout the contract term.
Promote transparency – Both the security provider and the organisation are obligated to be responsible for safeguarding the business to the best of their abilities.