Cyber Security is a major threat to individuals, businesses and critical services, and infrastructure at large.
There are numerous examples world-wide of serious cyber attacks that have had crippling effects on large organisations and countries.
For example, an hour after Russia took power in Ukraine, Russia took offensive cyber action by freezing communications company Viasat (who provides much of Ukraine’s internet connectivity) so that nothing worked.
According to the Australian Cyber Security Centre (ACSC), the pandemic significantly increased Australia’s dependence on the internet, which in turn generated more opportunities for cyber criminals to exploit vulnerable targets in Australia.
The most recent ACSC Annual Cyber Threat Report states that ACSC received over 67,500 cyber crime reports in the 2021/21 financial year – an increase of nearly 13 per cent.
It is essential that the Australian Government, businesses and individuals alike, do what they can to tackle this growing problem.
The first step in combating cyber attacks is understanding the threat.
Below we will step through some common cyber security threats and what you can do to safeguard against them.
Threats to Cyber Security in Australia
The Australian Cyber Security Centre (ACSC) leads the Australian Government’s efforts to improve cyber security.
They monitor cyber threats, provide a place to report significant cyber security threats, and provide advice on how to prevent them.
However, it remains the responsibility of individuals and businesses to identify personal threats.
The 2020/21 ACSC Annual Cyber Threat Report states that self-reported losses from cyber crime equated to $33 billion in that financial year.
So, the question is how do you identify cyber threats?
The best way to understand cyber threats is to know the types of attacks that can occur.
Staying abreast of these threats will help combat attacks and ensure you are not financially or otherwise impacted from a cyber crime attack.
Here are some of the most common cyber security threats in Australia:
- Fraud-related cyber crime
- Online shopping scams
- Online banking scams
- Identity theft
- Business email compromise
- Investment scams
- Selling scams
- Bulk extortion
5 Reasons Cyber Security is important for Australian businesses
Even with the rising threat of cyber crime, many organisations are lax about cyber security.
In particular, Australia’s small-to-medium enterprise (SME) sector has been slow to adopt adequate practices to protect their cyber security.
A survey by ACSC found that Australian SMEs are aware that cyber security is important but there are barriers to implementing good practices, such as not having staff with a dedicated IT focus, complexity surrounding cyber security, underestimating the risk of threats, and difficulty around planning and responding to threats.
Here are just some reasons why cyber security is vital for businesses today:
1. Increasing rate of cyber crimes
As mentioned previously, cyber crimes are on the rise and affect both large and small businesses.
Cyber criminals target the critical assets of these businesses – such as financial assets – but even more so, personal information about businesses and their clients.
According to ACSC, disruption of essential services and critical infrastructure accounted for approximately one quarter of the cyber incidents reported during the 2020/21 period.
Attacks to essential services, such as health care, food distribution and energy providers underscores the vulnerability of critical infrastructure to cause significant disruption, lost revenue and the potential of harm or loss of life.
2. The Rise of IoT devices across all industries
Internet of Things (IoT) technology simplifies tasks and streamlines everyday processes.
Yet, because of its hyper-connectivity, it is vulnerable to cyber attacks.
This is reflected in some of the major concerns around 5G technology and its hyper-connectivity and data sharing ability.
Some examples of IoT devices include connected cars, smart home appliances, AI home solutions, connected healthcare devices, traffic management systems and much more.
As amazing as these devices are, as technology advances, the threat grows.
3. Increased technology takeup
IoT technology is not the only reason why cyber security is important.
Other evolving technologies leave businesses open to cyber threats.
Some examples include cloud-based services, API services, edge computing and server-less computing.
All of these technologies are avenues that cyber criminals can exploit, who target these data technologies to greatly affect business processes.
4. Increase in ransomware
Ransomware is a common cyber attack method.
Ransomware has become a significant focus for law enforcement agencies, because it can cause losses of millions of dollars to organisations.
Its primary target is virtual systems, IoT and cloud technologies, as hackers use ransomware to steal data from anything that connects to a network.
They steal, extort and even disable security protocols using ransomware, which poses a serious threat to personal and financial data.
As a result, it has become imperative to combat this threat with stringent cyber security protocols.
5. Internet and cryptocurrency
According to Paul Haskell-Dowland, the Professor of Cyber Security Practice at Edith Cowan University, the global cost of cyber crime has surpassed the estimated $1 trillion mark because so much cyber crime goes unreported.
Cyber criminals are becoming increasingly sophisticated, with organisations that are incredibly well-resourced.
Because of this, individuals are becoming more and more susceptible to cyber attacks, and these organisations can be targeting 100,000 people at one time.
Though cryptocurrency is a digital currency that uses encryption techniques and is designed for security and anti-counterfeiting measures, it is not immune to cyber threats.
According to Forbes.com, cryptocurrency exchanges are a key target for hackers because they deal with large amounts of virtual money.
And as these forms of currency become increasingly more mainstream, they will become just as vulnerable to attack as fiat currency.
What are the best Australian cyber security practices?
Now that we understand the importance of cyber security, what can be done to safeguard against a cyber attack?
If Australians can implement some simple cyber security practices, the number of attacks will reduce.
Whether you are an individual or a business, here are key practices to adopt to prevent cyber threats.
Update your system and applications
Cyber criminals are becoming increasingly sophisticated and are constantly evolving their illegal activities to exploit vulnerable people and organisations.
As a result, software providers continue to update their software to provide better protection against hackers and to remove vulnerabilities.
Always apply updates to every device you or your business uses, including your mobile phone.
This ensures that cyber criminals don’t have easy access to your system.
Businesses should always restrict access to software systems to key team members, and remove all hardware that is no longer in use.
It is also important to keep records of all software systems and their users.
Old machines should also be wiped of any sensitive information.
Use a secure connection
If you’re using any network connection, ensure it is secure. Better still, use a VPN connection to ensure you have an active firewall.
Also, make sure that your WiFi networks are protected.
You shouldn’t connect to any unknown WiFi network, whether at a café or on public transport.
Use anti-malware protection
Using anti-malware and antivirus software will help protect your computer systems.
The best malware software protects businesses on several levels such as real-time monitoring, detection, forensic analysis and takedown.
It should also block files that are potentially dangerous and disrupt suspicious installations that attempt to change settings on your device.
Back-up data and use a password manager
Backing up your data is a safeguard strategy in the case of an attack. It ensures that you aren’t starting from scratch if you do fall victim to a cyber attack.
To protect against data loss, you should have a secure cloud storage system in place.
It is also advisable to use a password manager to store your passwords.
Many people use the same password across many platforms because it’s easier to remember, but all it takes is for one weak system to be exploited and hackers will have access to all your information across multiple platforms and services.
Implement multi-factor authentication
Multi-factor authentication requires users to provide two (or more) identity verifications to gain access to their account.
It works by prompting users to provide their password before requesting a code, which can be sent via SMS/email address to their device or via an authentication app.
This adds an additional layer of security that cyber criminals can not usually penetrate.
Cyber security is a key consideration for the Australian Government, but it is also up to individuals and businesses to play their part in preventing cyber attacks.
Cyber criminals are becoming increasingly sophisticated and are very well resourced, but through a few simple measures, businesses and individuals can do a lot to protect themselves from attack.
By implementing some key protection strategies, the threat of cyber attacks can be minimised, and businesses and individuals can have peace of mind knowing they are doing all they can to increase their cyber security and protect their assets.