Spike in Cyber Attacks

Spike in Cyber Attacks
In 2020, Australia has survived through a global pandemic and we’ve seen a spike in cyber attacks which can affect everyone, especially those who are unknowledgeable, vulnerable or distracted. Scammers and cyber attackers are not only targeting large companies in the Australian market (such as the banks and supermarkets) like in the past. Now, they’re targeting smaller, boutique organisations. 
Learn about some of the worst cyber attack trends growing this year in our blog below. Then, dive into these serious issues even further by joining cyber security expert, Martin Boyd from Vertex Security, as he covers 5 Important Cybersecurity Questions for Business in our upcoming webinar.
Fraudulent Phishing Emails  
Attackers target specific people, organisations and businesses with fraudulent emails. While most have spelling mistakes and their requests tend to seem off or unusual, phishing attempts have become significantly more sophisticated in the last year. By using third-party knowledge about specific industries to target organisations. For example, posing as a member of the finance or accounting team at an investment manager or super fund, and target the appointed fund administrator to gain information about the organisation’s bank accounts. This can happen when a corporate email account has been compromised, which is also increasing.

What Can You Do To Reduce the Risk?
No organisation, regardless of size, has unlimited resources. With the increasing number and sophistication of cyber attacks an organisation cannot 100% secure at all times. Unfortunately, data breaches present an enormous financial and reputational risk for businesses. A few steps that businesses should take to help protect themselves include:

Conduct a cyber security audit: Performing a cyber security audit helps to identify a company’s key assets and the vulnerabilities towards them. It is a method of staying secure and continuously improving security.

Use secure transfer protocols: Secure web portals or SFTP. When sending confidential data through email attachments, the attachments need to be encrypted to create an extra hurdle for scammers.

Use two-factor authentication (2FA): Not only for remote access to the network by work from home employees but also for key applications hosted externally and mobile email. Many times when email accounts are compromised it’s because two-factor authentication was not used for email access on mobile phones.
Use a browser protector and monitor: as well as email fraud defence solution that can detect and prevent fraudulent emails being sent from legitimate email mailboxes. XSurflog constantly works in the background to monitor all websites that your employees visit while giving them a way to block any dangerous websites immediately through XSurflog.

Hire a professional to conduct penetration testingwhich can help identify exploitable vulnerabilities, including online web portals, applications and networks which may contain proprietary and confidential client data.  

Employee cyber security training: Employees are an organisation’s greatest line of defence, but they can also be their greatest weakness. If employees are not aware of the cyber threats there’s not much a company can do to avoid cyber breaches. Research shows that when organisations implement cyber security training, within 90 days employees opening or clicking on phishing emails is reduced by half in simulated training.

No organisation can be 100% secure from a cyber attack. However, by implementing proactive practices may help minimise the potential risk of cyber attacks. Review our full list of services and contact us about all your cyber security needs.

Choose your preferred date and time to join us for 5 Important Cybersecurity Questions for Business now.

10 November at 4:00 pm

8 December, at 11:00 am