Australian companies saw a 15% increase in cyber incidents last year, underscoring Australia’s position as one of the most targeted countries in the Asia-Pacific region.
According to the 2017 Threat Report by the Australian Cyber Security Centre (ACSC), 47,000 such incidents were identified.
Private sector industries bore the brunt of the attacks, followed by federal government agencies. Ransomware and phishing attacks remain two of the most prevalent cyber threats – and these can be costly.
The ACSC report described how spoof emails duped one company out of $500,000. The company’s employees had forwarded those emails to an overseas bank account before realising the messages, purportedly from their CEO, were fake.
Launching the report, Dan Tehan, Australia’s minister assisting the prime minister on cyber security, noted: “Over the course of 2016-17, reports to the ACSC indicated losses of over $20m due to business email compromise. This was up from $8.6m in 2015-16, representing an increase of over 130%.”
But he lamented the still poor rate of disclosure from affected businesses and called for them to be more open about incidents.
“If you don’t tell us you’ve been hit, we can’t help you,” he said. “It’s hard enough to catch the criminals who did it. But if you don’t report it, it makes it impossible and leads to more victims.”
Of the incidents ACSC counted, 58% were self-reported, with the remainder identified by ACSC itself. The mandatory data breach notification regime that will take effect in Australia next year should prompt greater transparency.
ACSC said its computer emergency response team responded to 734 cyber incidents affecting private sector systems of national interest or critical infrastructure providers, while the Australian Signals Directorate (ASD) responded to 671 serious cyber incidents affecting government.
The report also noted that as enterprises get savvier about protecting themselves, attacks were being targeted at their supply chain or outsource partners. The report noted that a defence contractor had been compromised in precisely this way – but warned that major enterprises were also vulnerable to such backdoor attacks.
Nick Savvides, chief technology officer for Symantec in the Pacific region, welcomed the report, noting that the company’s own research had identified Australia as one of the top five most targeted countries in the region.
“With our high quality of life and relatively laid-back attitude towards security, Australia has always been an ideal target for scammers and cyber criminals. Historically, these threats came from the outside in – the difference now is that a growing proportion of cyber criminals are using trusted, yet compromised local services to attack the Australian population.
“This year’s ACSC Threat Report spotlights the tactics used by bad actors to access sensitive customer data by compromising private sector ICT providers,” he said.
Meanwhile, Murray Goldschmidt, chief operating officer and co-founder of Sense of Security, said Australia needed to lift its cyber security game and do more than rely on “tick a box” compliance.
“The key that unlocks the door, more often than not, is us,” he said. “We are becoming much more susceptible to social engineering, as these attacks become more sophisticated, leaving businesses vulnerable to hacks.”