Cybercrimes are estimated to cost the Australian economy billions of dollars (1.9% GDP), and that does not take into account the significant number of online crimes and fraud in 2021.
Every company and organisation has data of value to cybercriminals who sell it on the Dark Net. Whether it’s personal information, usernames and passwords, or payment details. If your business conducts work or administration online - it’s at risk.
2021 Breach leaks over 500 million Facebook user’s data
The data of approximately 533 million Facebook users was leaked after a breach in February 2021. The breach released the users’ full names, locations, birthdates, email addresses and personal bios, among other sensitive information. This leaves users vulnerable to future targeting. These kinds of breaches appear innocuous but with this combination of personal information in the hands of criminals, you or your business are vulnerable to identity theft and fraud.
However, it’s not just the likes of Facebook and LinkedIn that are targeted by cybercriminals. The following are exemplars of Australian data breaches in the early parts of 2021.
Meat processing giant JBS hit
In May 2021, JBS Foods fell victim to a cyber attack that subsequently shut down all their meat processing production, including North America and Australia. While representatives for JBS refuse to comment, it is speculated that the cyber attack affected the pay roll of the thousands of workers employed within Australia, as well as creating logistical problems through the meat production chain.
Risk mitigation approaches include securing your identities and devices with endpoint protection tools (endpoints are user devices, like laptops and mobile devices, that are used as points of entry on networks), identity theft protection and firewall services.
AFL fan website victim of data breach
An AFL fan website – not the official site – was also victim to a large data leak, exposing approximately 70 million records of its users. The leaked data included phone numbers, passwords, email addresses and other personally identifiable information of its users. Private messages between users were leaked as well.
Because usernames and passwords were taken, there’s a risk that some users have the same combination on other websites putting them at risk on their banking, insurance, or retail services accounts. Limit your risk exposure by simply using a password manager (like RoboForm or Trend Micro) in combination with a diverse range of passwords. It’s also useful to use Dark Net search tools to scan for leaked credentials, particularly if business usernames and passwords are involved. DarkOwl and KELA offer Dark Net search tools.
Optus fined $40m for data breach
The personal details of around 50,000 Optus customers were leaked online and even though the telco discovered and self-reported the problem, they’ve been hit with a class action and a pay-out of at least $40 million to their customers.
Service NSW stolen data is still ongoing
More than 100,000 Australian residents were victims of a cyber attack to Service NSW, with many users still unaware if they were affected. Service NSW is still trying to contact at least 20,000 individuals whose email accounts were hacked. This breach resulted in the leaking of more five million documents, primarily as a result of not having straight forward multi-factor authentication (a second source of identity validation besides a password, usually in the form of code from a text message or an email).
Even though the attack happened in April 2020, there are ongoing ramifications going back to this breach of government’s data well into 2021.
Levitas Capital part of $170m cybercrime spree
Around 2,000 businesses were attacked, allowing cybercriminals to get their hands on an estimated $170 million from Australian businesses. Sydney hedge fund Levitas Capital was one of the most prominent targets, with the firm losing around $8.7 million. The majority of this came through phishing attacks in the form of fake invoices and social engineering. This could have been prevented by simply putting in place an online Cybersecurity Awareness Program for all employees.
The AFP has linked the attacks to crime gangs and hackers from overseas who have been specifically targeting Australian financial services.
Take the Cyber Risk Program Challenge to protect your business and employees from online crime, fraud and disruption. If you can’t answer this question
“Do You Know “The Truth About Your Cyber Resilience?”
then the time is now.
Implement an independent, expert, “Hacker View” risk assessment and mitigation strategy from an innovative risk team, using best of breed technologies and a truth to power approach tailored to the Management or Executive Team and Board of Directors (BODs): Cyber Risk Program.
Comprehensive Security Solutions for SMB and Enterprise
Barclay Pearce Capital's client WhiteHawk Limited (ASX: WHK), offers free consultations to help businesses of all sizes identify their website security vulnerabilities and match them to affordable solutions.
WhiteHawk is focused on next-generation solutions that leverage publicly available data sets, Artificial Intelligence (AI) based analytics, and online risk platforms that scale to identify, prioritise and mitigate a breadth of digital age risks in near real-time. Their methods have been tested and evolved with government departments and Fortune 500 companies.
Using machine learning, any business can access their online and virtual service to help you discover, learn, receive immediate online matches to top solutions, find insights, affordable vendor products and services, or chat with smart cyber advisors in real-time, so you can take smart action and own your cyber success story.
To keep up to date with what's happening with WhiteHawk and the cybersecurity industry as a whole, subscribe to the Whitehawk Chairman’s List.