COVID-19 and financial scams: how the pandemic has dictated the threat landscape in 2020.

About two weeks ago, I published an article on LinkedIn and the Cyber Aware blog in which we forecast a second wave of scams related to COVID-19. The article showed that, compared to the March/April period of 2019, in which Australians lost over $20 million to scammers, the same period in 2020 saw an approximate 33% increase on this already colossal figure, at almost $32 million in financial damages.

It’s common knowledge at this point that the current pandemic has introduced a plethora of scams to the Australian public, but what stood out to us most were the following statistics, which show a clear correlation between the sharp decrease in daily COVID-19 cases and the decrease in financial damages resulting from scams.

Financial losses per month as a result of scams in Australia (Link)


Daily COVID-19 cases detected within Australia over recent months (Link)


In Victoria, where Cyber Aware is based, and wherein daily coronavirus cases recently broke 400, we’re gearing up for not only a second-round of lockdown restrictions and safe-practice, but also for the second round of COVID-19 related scams.

The reason we attribute the rise in scams to causation rather than mere correlation with COVID-19 is how hackers and scammers have operated historically. 90% of data breaches succeed directly because of human error. Scams are designed to prey directly on human insecurity and to create a sense of urgency behind a fraudulent message, whether it’s demanding bank details to “rectify a tax-claim error”, requesting sensitive data under the guise of a trusted colleague, or deceiving an out-of-work citizen into making a payment for a false superannuation claim during the pandemic.

Hackers look at the vulnerable circumstances generated by the 2020 pandemic and see nothing but an opportunity to embezzle money from innocent individuals. Already we’re seeing this resurfacing in line with the increasing cases and media-attention, as ATO and government scams against the Australian public skyrocket.

And again, this trend of hackers jumping on mass-insecurity during times of disaster is evident as far back as September 11 in 2001, all the way through to the rampant bushfire scams at the beginning of 2020.

Typically, a trusted source is used to prey on this insecurity, such as government agencies (link) or well-known brands.

Take this recent scam for example, in which attackers send fraudulent email and SMS notifications claiming to be the Australian Taxation Office. Typically, the scam will look something similar to the below and will result in the victim granting full access of their ATO account to a malicious party.


Furthermore, not only have there been more scams, particularly preying on public concerns surrounding the pandemic, but our relationship with technology has also shifted as a result of our mass migration to working from home.

This has frequently resulted in a lower quality of security, with people now sending private work information via personal social media accounts, sharing said data on family-shared computers, and operating largely on less secure internet connections and often without a VPN in place.

This has all resulted in not only a challenging obstacle to our productivity and workflow, but also to our workplace security.

Moving into the latter half of this unprecedented year, stay aware and cyber-safe with the following three tips:

  • Be vigilant of scams. Any time you receive a sensitive request for action, whether it be logging in to a system, providing payment information, or supplying private/personal information, make sure that you were expecting the request and that you have verified the source of contact. Stay up to date on current COVID-19 scams via Scamwatch.
  • Keep your personal and professional data separate. It can be easy to send a file via Facebook or your personal Gmail account, but in doing so you are increasing the risk of a data breach significantly. It may be difficult, but make sure your work-from-home systems are the exact same as the ones in your office. Keep your work at work, and off of personal accounts.
  • Give each other a hand. The major difference in whether or not you fall victim to a scam is always going to be awareness. If your colleagues aren’t aware of the current scams, or if you spot an unsafe practice, let them know! Give your colleagues a friendly reminder or tip from time-to-time, and it can make a world’s (or bank account’s) worth of difference. The best defense against social scams is a social firewall.

For more tips and news on cyber-safety in 2020, visit cyberaware.com!

Hacked by an Instagram celebrity: FBI arrests popular Instagram millionaire after alleged tie-ins to major scam racket.

Social media influencer and millionaire, Ramon Olorunwa Abbas, is currently being detained for criminal charges over alleged involvement in a major scam racket.

For those unfamiliar, Abbas is an Instagrammer known for his opulent, “living the high-life” persona, which he regularly presents to his 2.5 million followers.

The FBI alleges that Abbas has made hundreds of millions of dollars through his involvement with a ring of fraudsters and scammers specializing in Business Email Compromise (BEC) attacks.

BEC attacks involve hacking an email account, typically corporate, to send fake and illegitimate messages to clients and trusted contacts, typically in order to intercept or redirect financial transactions.

If you’ve been following my writing for some time, you’ll know that we regularly cover BEC in reference to news and current best practice, due to its fast-growing employment by scammers both domestic and abroad.

And with my experience, not only in cybersecurity but also in email hosting, I’ve seen BEC used against innocent business-owners time and time again over the years for massive financial exploitation.

Abbas was accused following a thread of social media posts that implied tie-ins to a trans-national cybercrime network. During a series of arrests throughout this investigation (video link here), 12 other individuals were arrested, and upwards of $40 million in cash was confiscated alongside hard drives containing the email addresses of nearly two million victims.

This case follows the recent arrest of Obinwanna Okeke, in which Okeke pleaded guilty to $11 million of computer fraud between 2015 and 2019. Okeke was previously known as a celebrated entrepreneur, and was actually listed in the Forbes 30 under 30 before his criminal activity became public knowledge.

In response to the continuously rising scam culture across the globe and particularly within Nigeria, FBI agent Michael Nail attributes the appeal of this illegal activity to the sentiment that “You can sit at home in your PJs and slippers with a laptop, and you can actually rob a bank”.

The effects of this alleged scam-work not only impact the numerous victims, who’ve lost upwards of 124 million dollars, but also reflect poorly on Nigerian relations with the United Arab Emirates public, as seen in this slew of anti-Nigerian job advertisements circulating following Abbas’ arrest.

Abbas’ lawyer has issued a statement on the allegations against Abbas, stating that Abbas not only earned his wealth through entirely legitimate means, but also that the FBI arrest should be deemed a kidnapping.

Regardless of the outcome of this case, here are a few steps to avoid BEC yourself:

  1. Keep your work and your personal email usage separate. If there’s one sure-fire way to fall into a BEC trap, it’s by sending confidential information on personal email or social media channels. Stick to the business email at all times.
  2. Use two-factor authentication! I and all of my cybersecurity colleagues must sound like a broken record at this point, but two-factor is just that important. Two-factor is that extra layer of security that could make the difference between a breach and a close call. It’s essentially what seatbelts are to cars. If you aren’t familiar with two-factor, read up here for some quick steps on setting it up.
  3. Keep on top of your password hygiene. This means strong passphrases, changing them regularly, and if storing them keeping them in secure locations such as a password manager. Essentially, treat your password the same way that you would a toothbrush. Pick good ones and change them regularly.

Financial scams during the pandemic: preparing for a second wave.

Now that we’ve reached the mid-way point of 2020, I can’t help but feel as though we’re resting in the eye of the storm. By all means, we’ve largely done a fantastic job of responding to the situation. We’ve acted on our feet and through our ability to remain adaptive and resilient, we’ve still landed in a largely manageable position.

However, concerns of a second wave are certainly looming. Currently, we’re seeing USA cases spike to higher points than ever, and Victorians such as myself are re-entering lockdown in an attempt to curb resurfacing cases in suburban hotspots.

My concern, however, isn’t solely for the virus itself. It’s also in the ramifications surrounding COVID-19. For example, I’d be remiss to see many of the local bars, restaurants, and small businesses that barely survived the first leg of the year, be forced back into a lockdown.

I’d be remiss to see individuals who’ve had a hard time dealing with lockdown back in square-one of self-quarantine.

And I’d be remiss to see the huge damages of COVID-19 related scams resurface yet again.

2020 has seen a plethora of COVID-19 scams, ranging from government-impersonating phishing scams through to false promises of early superannuation access to those in need. For a frame of reference on just how damaging and successful these scams have been, March & April of 2019 saw Australians facing a total of $20,466,361 in damages at the hands of scammers.

That’s a huge amount of financial damage in and of itself, yet in 2020 the same months of March & April saw total losses of $31,176,098! That’s a gigantic increase of over ten million dollars lost to scams.

And funnily enough, if you then look at the drop in financial damages during May of this year, you end up with a curve that closely resembles that of new COVID-19 cases.

Financial losses per month as a result of scams in Australia. (Link)

Daily COVID-19 cases detected within Australia over recent months. (Link)

As Australia “beat the curve” and lowered COVID-19 cases in April, the financial damages lost to scams dropped significantly in the following month of May. The drop in COVID-19 cases likely corresponds to the waning number of successful scams.

As public concern over COVID-19 softens, so too does the insecurity among individuals that scammers are working so hard to exploit.

As Australian coronavirus cases fell, it’s fair to say that our susceptibility to coronavirus scams did too.

But just as we need to remain vigilant and prepared for a second-wave of COVID-19 cases (which we can see beginning to spike again towards the end of the daily cases graph), we also need to remain vigilant and aware of our vulnerabilities to scammers.

Moving into the latter half of 2020, here are some tips you can use to spot and avoid malicious scams:

  • Remain calm: Scammers are largely successful in their efforts because they know how to target our insecurities. If you’re contacted about medical results, financial benefits, or anything else pertaining to COVID, make sure you take a step back to make a calm & informed decision.
  • Verify the source: A lot of current scams impersonate both public & private entities that we’re familiar with in an attempt to lower our guard. No matter where a message claims to be from, always keep in mind that it can be a scam, and needs to be verified via legitimate contact points, such as the phone number or email on the company’s website.
  • Stay up to date on current scams: Some of the most successful scams are also some of the most well-known, and keeping an eye on publicly known scams can help you identify the tactics being used by malicious attackers now. A fantastic source for staying on top of current scams is the Scamwatch website, which I’ve personally checked regularly during this pandemic.

For more information on cybersecurity, awareness, and staying safe online, visit cyberaware.com!

State-based actor targets Australian government and business in major cyber attacks: Scott Morrison addresses the public

This morning, Scott Morrison addressed the Australian public to raise awareness of ongoing cyber threats facing the Australian government, as well as both the Australian public & private sectors.

Citing an incident involving attacks against the Australian government that are decisively from a state-based actor, Scott Morrison stresses that the need to raise this issue is not brought on by this or any particular attack, but by the ongoing cybersecurity threats that Australia, as well as many other nations, consistently faces.

And based on recent years, this couldn’t be truer. Australians have fallen victim to a plethora of cybersecurity attacks, ranging from the day-to-day scams that target individuals and Australian small businesses, through to large-scale cyberattacks against infrastructure and large businesses.

Morrison mentions sophisticated state-based cyber attacks targeting critical infrastructure, the private sector, and all levels of the Australian government, and for each of these categories we don’t need to look far back for matching examples of significant data breaches within Australia.

Private Sector: Toll Group suffers multiple high-impact ransomware incidents throughout 2020.
Critical Infrastructure: Victorian regional hospitals suffer crippling ransomware attacks, causing days of limited capacity and halted services.
Australian Government: Australian Parliament identifies a foreign government hack targeting Australian Parliament’s servers.

Morrison affirms his intention in bringing this topic to the public is not to raise concern, but to raise awareness; which is repeatedly shown to be the key factor in preventing human error and mitigating cyber-risk.

And while it is currently unclear as to who the state actor launching the attack(s) in concern is, there are a few key measures any individual or business can take to ensure their own safety regardless:

  • As the Minister of Defence highlighted, it’s critical to update internet-facing devices and apps. What does this mean? In short, stop snoozing update reminders! By updating your software (apps) and devices, you ensure that the latest security fixes are applied.
  • Use two-factor authentication. I might sound like a broken record to my regular readers, but two-factor is arguably the strongest security improvement you can immediately put into effect. For more details on setting it up, read here.
  • Raise awareness for yourself and your colleagues. It’s a well-known fact that over 60% of data breaches occur as a result of human error. It’s critical to train yourself and your colleagues on Cyber Awareness as to ensure that a simple mistake doesn’t lead to an irrecoverable loss.

What can our reaction to the global pandemic teach us about risk?

No one could have predicted the COVID-19 pandemic. At least, that’s what I’m hearing. In reality, the ramifications and likelihood of a global pandemic have been predicted to a T as early as fifteen years ago. Despite this, none of us were adequately prepared for the impact on the economy, on social norms, or on our individual businesses.

Similarly, the ramifications and likelihood of a cyber-pandemic, particularly in the form of cyber warfare, are well and truly predicted. And, unfortunately, with the same lack of readiness.

The Australian Department of Defence forecasts the impacts and likelihood of a cyber “war” situation in their 2020 document, the Department of Defence Mobilisation Review.

The document, among other things, outlines critical vulnerabilities in several sectors of industry, including Fuel, Power, Transport, Electricity, Health & Water, and is an incredibly informative read that I recommend for any Australian citizen.

In a workshop conducted by the Australian National University, the simulated scenarios showed that the majority of attacks would be targeted against civilians, rather than the military or government.

“Disruption of food and fuel supply chains was a common theme. Other scenarios targeted consumer banking, ticketing at major sports events, or “mum and dad” business networks, to increase public inconvenience and fears.”

Most notably, the document outlines that in a scenario of cyberwar, adversaries would not just exploit computer systems; they would exploit vulnerabilities in society.

Predicting the impact of macro-crises, such as cyber-warfare or the current pandemic, can be difficult. No one could have predicted the impact on their business, because we’ve never needed to. The reason that so many businesses were completely taken by surprise is that no one thought it would happen.

For those of us lucky enough to continue operations, and for those of us who have adapted our operations to fit these trying times; there is a lot that we can learn.

Firstly, in the same vein that you can’t stop a pandemic, you can’t stop cybercrime. But, what you can do is have a measured, established risk-based plan and response for your business.

We recommend putting time and effort into establishing incident response measures, as well as preparations for large-scale impacts on your business, both in cyber and key risk drivers.

While you can’t control the large-scale ramifications of a potential cyber-pandemic, such as the impact on supply lines, key infrastructure, and tech, you can prepare for and mitigate risk to your business.

Remember, even in the context of a general cyber-attack, there are huge financial, operational and reputational repercussions to account for. In 60% of cases, one cyber-attack is enough to cause businesses to shut down within only 6 months.

Whether you already have an established risk-management plan or not, here are a few key cyber-points that all business should have covered:

  • Identify your key assets. Every business has key data and critical systems that they could not continue to operate without. Common examples include confidential client & business records, network infrastructure or systems that are integral to your product/service.

    In the same vein that many businesses in hospitality have suddenly lost their bread-and-butter services, and have been forced to adapt, cyber incidents have a similar, but much wider scope of impact to businesses.

    Identify the crown jewels of your business, establish extra protective measures to ensure that they are safe (such as two-factor authentication and access control), and establish worst-case scenarios in which your business could temporarily operate in the case of a data breach.
  • Back up your data. For certain types of cyber-crime, such as ransomware, the hardest part of recovering is getting the business back online. By regularly backing up your key data & systems, you can not only get back on your feet much faster, but you also remove some of the leverage that a hacker has over your business.
  • Responding to the public and your client base. Regardless of whether a cyber-incident is targeted at you, or impacts you from a wider scale, your stakeholders will need answers. Establish a timeframe, template and plan-of-action that can be efficiently and promptly communicated to the public and your stakeholders. This not only ensures that you meet compliance, but it also saves you a lot of reputational harm.

For many of us, this pandemic is simply an affirmation of risk. Risk is real. While you can never remove 100% of the risk, you can understand it, identify what you are comfortable with, and prepare your business with a plan accordingly.

Having no risk assessment or plan in place is likely to leave you in a similar situation to many COVID-19 impacted businesses right now. For those in high-risk industries, such as airlines, accommodation and hospitality – did they have a plan outlining their key action steps in the scenario that their primary operations entirely stopped in 4 weeks?

No. And in hindsight, it’s become obvious to all of us that we should have been prepared.

While this sort of doomsday-level preparation would have seemed silly in January, it’s clear to all of us now that it’s entirely necessary and reasonable. COVID-19 should serve all of us as a wake-up call, and encourage us to be mindful and ready for sudden changes, and difficult scenarios.

Staying Cyber Aware of fake domains and COVID-19 scams: fake domain registrations in the thousands

Scammers always exploit people’s fears, and what could be an easier target today than COVID-19?

70% of new domain name registrations are said to be malicious, and since the advent of COVID-19 over 30,000 scam registrations relating to the pandemic have been identified.

The vast majority of these scams come from the U.S., followed by Italy, Germany and Russia.

Luckily, within Australia there are a few more hurdles for a scammer to get through before they can register a domain name. Namely, they need to have a registered business entity through ASIC first.

When it comes to international domains, such as .com domain names, they can be registered quickly and without hassle, meaning that detection and takedown depend largely on third-party security vendors.

This can take between a few hours and a few days, which is more than enough time for a scammer to put a malicious domain name to use.

Furthermore, keep in mind that while malicious domains are primarily used to launch fake websites, they can be used for other purposes, such as phishing emails.

For example, a scammer could use a domain such as “covidcure2020.com.au” to launch a fake vaccine website, or they could use it to send you a scam email addressed from “info@covidcure.com.au”.

Cyber Aware recommends that you treat any COVID-19 related domain name, email, or website very cautiously during this time. Furthermore, when browsing the web in general, take these steps to stay safe:

  • Always check for HTTPS in the URL
    • While https:// isn’t the guaranteed badge of safety that it’s often portrayed to be, it’s still necessary and much safer than its counterpart (http). Whereas visiting a website that starts with https:// guarantees that you are at least visiting a site with a verified security certificate, http sites are far more open, and allow your data to essentially be eavesdropped on in transit.
    • To check for HTTPS://, look for the padlock and https:// in your browser address bar.
  • Make sure the URL matches the website you expect to be visiting. Often, fake domain registrations will try to match existing websites and just change a few characters around. If you click on a link or popup expecting to be taken to Bunnings or BIG W, for example, make sure that the link you land on actually matches their official website exactly.
  • When you receive an email, check the address! Because modern email systems allow for senders to show a display name instead of an email address, it’s a lot easier for scammers to pose as others. Whenever an email contains a link for you to click, or is asking for payment/data, be sure to expand the display name and check the actual email address of the sender!
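The two checks above (does the domain match the site you expect, and does the sender’s display name match the actual address) can be automated for a mail gateway or a browser extension. The following is an added example, not code from Cyber Aware or from the original article; the trusted-domain list, the COVID keyword list, the edit-distance threshold and all sample inputs are assumptions constructed for the demonstration.

```python
import re
from email.utils import parseaddr

# Constructed allow-list of sites and senders a reader expects. The brand
# names come from the article; the domains are assumptions for this example.
TRUSTED = {
    "bunnings.com.au": "Bunnings",
    "bigw.com.au": "BIG W",
    "ato.gov.au": "Australian Taxation Office",
}

# Keywords that mark a pandemic-themed registration (assumed list, tune as needed).
COVID_WORDS = ("covid", "corona", "vaccine", "lockdown")


def levenshtein(a, b):
    """Edit distance: the number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise_host(host):
    """Lower-case, drop any port and a leading www. so comparisons are stable."""
    host = host.strip().lower().split(":")[0]
    return host[4:] if host.startswith("www.") else host


def brand_label(domain):
    """First DNS label, e.g. 'bunnings' for bunnings.com.au."""
    return domain.split(".")[0]


def classify_domain(host):
    """Return (verdict, trusted_domain_or_None) for a host a user is about to visit."""
    host = normalise_host(host)
    if host in TRUSTED:
        return "trusted", host
    label = brand_label(host)
    # Split "ato-refund-2020" into its words so brand names glued to filler are seen.
    words = [w for w in re.split(r"[-\d]+", label) if w]
    for trusted in TRUSTED:
        tlabel = brand_label(trusted)
        max_edits = 1 if len(tlabel) < 6 else 2   # short brands need a tighter bound
        hit = (
            tlabel in words                              # bunnings.com, ato-refund.com
            or (len(tlabel) >= 6 and tlabel in label)    # bunningswarehouse.com
            or levenshtein(label, tlabel) <= max_edits   # bunings.com.au, att0.gov.au
        )
        if hit:
            return "lookalike", trusted
    if any(w in host for w in COVID_WORDS):
        return "covid-themed", None
    return "unknown", None


def check_sender(from_header):
    """Compare the display name a mail client shows with the real address domain."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    claimed = [d for d, brand in TRUSTED.items() if brand.lower() in name.lower()]
    if claimed and normalise_host(domain) not in claimed:
        # The name says one organisation, the address belongs to another.
        return "display-name mismatch", claimed[0]
    return classify_domain(domain)


if __name__ == "__main__":
    # Constructed sample inputs; the covidcure address is the article's own example.
    for host in ["www.bunnings.com.au", "bunings.com.au", "covidcure2020.com.au", "tomato.com"]:
        print(host, "->", classify_domain(host))
    for hdr in ['"Australian Taxation Office" <refunds@ato-refund-2020.com>',
                "info@covidcure.com.au", "Bunnings Team <noreply@bunnings.com.au>"]:
        print(hdr, "->", check_sender(hdr))
```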

Finally, here are some of the most current COVID-19 scam types floating around:

  • Superannuation scams: scams that offer fake early-access to your superannuation and request private data or bank details to proceed.
  • Phishing/SMS scams: these have been absolutely rampant since the pandemic broke out. Read further about fake government SMS scams here.
  • Fake vaccines/med treatment: emails and sites may offer access to COVID-19 testing or vaccinations. Never seek these services outside of official vendors.
  • Price gouging on sanitation products: this extends outside of the realm of cyber also, with people hoarding key supplies (such as toilet paper) and upselling it at ludicrous amounts.

For more information on staying cybersafe during COVID-19, visit https://portal.cyberaware.com/remote.

Three Cyber Aware tips to protect your password(s): World Password Day sees 555,278,657+ stolen credentials.

Depending on your part of the world, today is World Password Day! While for fellow Downundians it was actually yesterday, there’s never a bad time to strengthen your passwords!

As of right now, HaveIBeenPwned (a database of real-world passwords previously exposed in data breaches) reports 555,278,657 stolen passwords in their database.

You can actually visit their website and check if one of your passwords is among the many stolen.
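The HaveIBeenPwned password check works without ever sending your password: only the first five characters of its SHA-1 hash are sent, and the service returns every leaked hash sharing that prefix for your machine to compare locally (the k-anonymity “range” lookup). The block below is an added example, not code from HaveIBeenPwned or the original article; it runs offline against a constructed stand-in for the breach corpus, and `fetch_range` is the optional live call against the range endpoint as I know it.

```python
import hashlib


def sha1_hex(password):
    """Upper-case hex SHA-1, the form the Pwned Passwords corpus is keyed on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_hash(password):
    """k-anonymity split: only the 5-char prefix leaves the machine."""
    digest = sha1_hex(password)
    return digest[:5], digest[5:]


# Constructed stand-in for the breach corpus; counts are made up for this example.
CONSTRUCTED_LEAKS = {"password": 9000, "letmein": 42}


def fake_range_server(prefix, leaks=CONSTRUCTED_LEAKS):
    """Emulates the range endpoint offline: 'SUFFIX:COUNT' lines for every
    leaked hash that starts with the queried prefix."""
    lines = []
    for pw, count in leaks.items():
        digest = sha1_hex(pw)
        if digest.startswith(prefix):
            lines.append(f"{digest[5:]}:{count}")
    return "\r\n".join(lines)


def fetch_range(prefix):
    """Live lookup (network required); the test uses fake_range_server instead."""
    import urllib.request
    req = urllib.request.Request(
        "https://api.pwnedpasswords.com/range/" + prefix,
        headers={"User-Agent": "cyber-aware-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def parse_range(body):
    """Turn the response body into {suffix: count}."""
    out = {}
    for line in body.splitlines():
        if ":" in line:
            suffix, count = line.strip().split(":", 1)
            out[suffix.upper()] = int(count)
    return out


def breach_count(password, range_lookup=fake_range_server):
    """How many times the password appears in the corpus; 0 means not found."""
    prefix, suffix = split_hash(password)
    return parse_range(range_lookup(prefix)).get(suffix, 0)


if __name__ == "__main__":
    # The article's example passphrase versus two constructed leaked passwords.
    for pw in ["password", "letmein", "iGtTpAl831"]:
        print(pw, "->", breach_count(pw))
```

Swap `range_lookup=fetch_range` in for a real check; the password itself is still never transmitted.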

Furthermore, large portions of these passwords and the countless unaccounted for in unknown data-breaches are constantly being bought, sold, and used in the dark web to exploit individuals and organisations at large.

To best avoid your passwords being bought & sold on the dark web along with the billions of others, we’ve come up with three key password tips to close out your work-week:

Tip 1: Start Passphrasing!

Have you ever struggled to come up with a strong enough password for a new login? The easiest way to get around this, while still creating a password that’s easy enough to remember, is passphrasing!

If you haven’t already heard of it, passphrasing is essentially like using an acronym; you take the first letter of each word in a sentence or phrase, and use it to make a password!

For example, “I’m going to the pub after lockdown” could be used to make a passphrase such as “iGtTpAl831”.

This way, you have an easily memorable password that’s much harder for a hacker to guess or crack. Remember to use a mix of upper & lower casing, as well as some numbers & special characters for extra strength.

Tip 2: Regularly Change your password!

Passwords should be treated like your toothbrush. Never share it around, and change it regularly.

The reason for this is that even if you have a strong password that is entirely unguessable, it can still be lost or stolen in other ways. Take, for example, the recent Zoom security issues, one of which saw a large pool of passwords stolen during a data breach and sold on the dark web.

In this scenario, weak and strong passwords alike were outright stolen and leaked entirely outside of the end-users’ control. And considering that on the dark web, password trading and password dumps are still being performed regularly, sometimes in chunks upwards of 2 billion at once, it’s more likely than not that your passwords are already out there.

Even if you have a strong passphrase, change it often to ensure that your password is private & secure.

Tip 3: Use a password manager!

At the risk of sounding like Elon Musk discussing his newborn in the new Joe Rogan podcast: human brains are a lot like computers. We have a limited amount of memory.

Rather than scrambling to remember each and every unique password, or worse, compromising the strength & complexity of your passwords to ensure that they are memorable, use a password manager!

The way that password managers work is similar to how a browser’s auto-fill works. When logging in to an account, you type in your username & password just once, then your password manager securely stores and remembers them. Next time you log in, the password manager will take care of the grunt-work and log in for you.

The only password you still need to remember is your master key for the password manager itself.

You’re probably thinking that this doesn’t sound safe, but in exchange for this easy login tool, good Password Managers bulk up their security on the master login. Often times, you’re required to know your master-key, have a two-factor authentication code, and authorise the device that you’re logging in from.

In exchange for that hassle, you don’t need to write down or remember any of your other passwords, and they’re actually kept safer as a result!

Some password managers I’d recommend are LastPass, 1Pass (my preferred choice), and the updated Google Password Manager with Two-Factor enabled.

For more information on work-from-home security, visit https://portal.cyberaware.com/remote.

Are we prepared for a cyber-pandemic? Cyber Aware’s safety-advice for Privacy Awareness Week

Despite decades of warnings and best advice from leading scientific bodies, no one was adequately prepared for the COVID-19 pandemic.

In many parts of the world, businesses have shut down entirely, health-care has been utterly overrun, the economy has shifted and people have frequently lost not only their jobs but, regrettably, many have also lost their lives.

The one saving grace of all this (aside from the amazing, adaptive public response) has been our technology; the ability to take our work home and to broadcast key information to the masses in an instant.

However, what if we had a similar situation to the current pandemic, without the ability to fall back on our tech?

Experts have been forecasting global cyber-crisis for years, citing wide-spread malware infections, cyber-warfare, and cyber-terrorism not only as serious threats but potential doomsday actors.

These concerns are wholly valid, with Donald Trump declaring a state of emergency in response to foreign hackers threatening U.S. power grids only last week!

This might sound like fear-mongering or an excess of the ol’ doom & gloom, but considering the radically increased business & infrastructure reliance on technology during the 2000s, and the fact that over 80-90% of businesses now rely on technology for communications and internal management, the damages of a tech-based pandemic would be catastrophic.

Concerns surrounding a cyber-pandemic started to flow into the mainstream largely following the Stuxnet discovery in 2010, in which a powerful computer worm aimed at Iranian nuclear facilities reportedly destroyed numerous centrifuges, causing them to burn out.

After being confirmed as an act of war, Stuxnet malware essentially mutated and was found in numerous industrial facilities across the globe.

These kinds of attacks against critical infrastructure continue as recently as November of 2019, in which India’s largest nuclear power plant suffered a serious cyber attack.

The problem with cybercrime is that it’s so ludicrously cheap and effective that it essentially trumps all other forms of crime & warfare. Why build a multi-million dollar fighter jet if the enemy can shut it down at the flick of a switch? Why build a steady source of income when I can phish hundreds of thousands of dollars overseas, without being detected?

Considering the fragility of our healthcare, public services, and economy during this pandemic, both infrastructure and businesses alike are more vulnerable to cybercrime than arguably ever before.

Last year, we saw Victorian hospitals become the victim of a crippling ransomware infection that severely disrupted multiple regional hospitals & caused numerous patients to miss critical surgeries and appointments.

Given how easy it was for such a significant attack to occur, can you imagine the current threat to overloaded healthcare systems if similar attacks, or a more intentional, targeted attack, were to occur during this pandemic?

Furthermore, cyber-warfare and cybercrime are both continuing a steady increase on a yearly basis. Given the number of vulnerabilities opening up as a result of COVID-19 (such as the loss of security during the shift to remote working) 2020 is forecast to see an even larger boom in cybercrime.

While most of us are likely outside of the realm of influence for cyber warfare & cyber terrorism, there is plenty we can do to ensure that our own technology is safe from malware infection and criminal activity.

Three of the most important things you can do right now are the tried-and-true cyber basics:

  • Password Hygiene: The first barrier between you and a hacker is your password, so treat it with some care. Many of us are still using the same old password across multiple key systems. Now more than ever: Change. Your. Passwords! We recommend passphrasing as a secure option moving forward.
  • Using Two-Factor Authentication: Two-factor is essentially the second barrier to stop an attack in the event that your password is cracked. Many login systems make two-factor compulsory, and practically all social media, emails & work-systems can have it enabled. Turn on two-factor on all key logins.
  • Keeping an eye out for email & SMS scams: Phishing is still the leading method used by cyber-criminals. It didn’t take long for attackers to piggyback on COVID-19 to launch new scams, even going as far as posing as the AusGov.
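The third point, spotting email scams, is the one most people struggle to judge by eye, so here is an added worked example (not Cyber Aware’s code, and not from the original article) that checks a raw email for the tell-tale signs the scams described above share: a display name that borrows a government brand while the address comes from somewhere else, a Reply-To that diverts replies to a third domain, a link whose visible text shows one site while the href points to another, and urgency language. The brand keywords, trusted domains, urgency phrases and both sample messages are constructed for the example; the `.example.com` / `.example.net` sender domains are placeholders, not real scam infrastructure.

```python
"""Heuristic phishing indicators for a single raw email (added example, not the article's code)."""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Brand keywords a scam may put in the display name, mapped to the domain that
# brand really sends from. Constructed list for this example, not from the page.
BRAND_DOMAINS = {
    "taxation office": "ato.gov.au",
    "ato": "ato.gov.au",
    "mygov": "my.gov.au",
}

# Urgency phrasing scams use to rush the reader (constructed list).
URGENCY_WORDS = ("urgent", "immediately", "suspended", "within 24 hours", "overdue")

ANCHOR_RE = re.compile(r'<a\b[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
TAG_RE = re.compile(r"<[^>]+>")


def registrable_domain(host: str) -> str:
    """Crude registrable-domain helper: www.ato.gov.au -> ato.gov.au, a.b.example.com -> example.com."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and labels[-1] == "au":  # .gov.au, .com.au, .net.au ...
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def domain_of(address: str) -> str:
    """Domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def phishing_indicators(raw_message: str) -> list:
    """Return human-readable warnings for the message; an empty list means nothing suspicious."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    display_name, sender = parseaddr(msg.get("From", ""))
    sender_domain = registrable_domain(domain_of(sender))

    # 1. Brand impersonation: the display name names a brand the sender domain does not own.
    for keyword, legit_domain in BRAND_DOMAINS.items():
        if re.search(r"\b" + re.escape(keyword) + r"\b", display_name, re.I) and sender_domain != legit_domain:
            findings.append(f"display name mentions '{keyword}' but sender domain is {sender_domain}")
            break

    # 2. Reply-To diverting replies to a different domain than the one the mail claims to come from.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and registrable_domain(domain_of(reply_to)) != sender_domain:
        findings.append(f"Reply-To domain {domain_of(reply_to)} differs from sender domain {sender_domain}")

    # 3. Link text that shows one host while the href actually goes to another.
    body = msg.get_body(preferencelist=("html", "plain"))
    content = body.get_content() if body is not None else ""
    for href, visible in ANCHOR_RE.findall(content):
        shown = TAG_RE.sub("", visible).strip()
        if " " in shown or "." not in shown:  # plain words like "Click here" cannot be compared
            continue
        href_host = urlparse(href).hostname or ""
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname or ""
        if shown_host and registrable_domain(shown_host) != registrable_domain(href_host):
            findings.append(f"link text shows {shown_host} but points to {href_host}")

    # 4. Urgency language in the subject or body.
    text = (str(msg.get("Subject", "")) + " " + TAG_RE.sub(" ", content)).lower()
    hits = [w for w in URGENCY_WORDS if w in text]
    if hits:
        findings.append("urgency language: " + ", ".join(hits))

    return findings


# Constructed sample messages (not real scam mail). The sender domains are placeholders.
SAMPLE_PHISH = """From: Australian Taxation Office <refunds@ato-gov-au.example.com>
Reply-To: claims@mail.example.net
Subject: Your COVID-19 tax refund is overdue
Content-Type: text/html

<p>Your refund must be claimed <b>within 24 hours</b>.</p>
<a href="http://ato-gov-au.example.com/claim">https://www.ato.gov.au/refund</a>
"""

SAMPLE_LEGIT = """From: Australian Taxation Office <noreply@ato.gov.au>
Subject: Your activity statement is available
Content-Type: text/html

<p>Log in to <a href="https://www.ato.gov.au/">https://www.ato.gov.au/</a> to view it.</p>
"""

if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, phishing_indicators(sample) or ["no indicators"])
```

Each check is a heuristic, not proof: a legitimate mailing service can set a different Reply-To, and a newsletter can wrap links in a tracking domain. The value is in the combination, and in running it against messages as a training aid so that staff see why the SMS or email that “looks like the ATO” did not come from it.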

If you haven’t brushed up on email safety this year, please have a read of these StaySmartOnline tips for a quick refresher.

For more information on cyber safety during the pandemic, visit https://portal.cyberaware.com/remote!

Toll Group suspends IT systems following unusual server activity. Cyber Aware’s tips on managing a cyber incident

Before COVID-19 dominated the news cycle, you may have seen that Toll Group, the well-known global logistics network, and freight transport provider, fell victim to a targeted ransomware attack.

As many as 1000 servers were infected during the February attack, and the company received harsh criticism from the public for their prolonged silence regarding the attack.

Key delivery services were majorly disrupted, and while clients experienced significant delays, many were left in the dark; unsure of whether & when they could return to regular operations.

“It’s 10 days overdue, so for the last week I’ve been spending at least three or four hours a day on the phone trying to get some information,” said sales manager Jeff Ward.

While the fallout of a cyber-attack is objectively damaging on a technical and financial level, the reputational damage is what businesses often fail to recover from, with an average of 60% of businesses failing to continue operations following a cyber-attack.

Now it’s May, and the company has reported another security incident, this time with much more transparency and urgency.

While customers and clientele were left frustrated and unsure during the last incident, this time around Toll appears to have applied the lesson learned on PR and incident management by immediately closing services and alerting the public.

While the specifics are not yet known, and the nature of the damages or incident are yet to be revealed, stakeholders this time around are aware of the current situation, and most importantly, have not been left hanging!

Toll’s cyber-incidents and response this year are demonstrating both the best & worst of incident management, and from this case, your business can learn the following things:

  • Prepare a statement in advance, and release it promptly. Much like Toll’s most recent example, your initial statement does not need to disclose a full report of damages, impacted clients or the nature of the attack.
  • Have a plan of action. Prepare backups of your key data so you can comfortably recover from the damage. Lay out a plan not only for the event that you need to cease activity, but also for resuming your business activity following a breach.
  • Adhere to your country’s regulations, but don’t stop there. As many of us in the cybersecurity industry are aware, in February of 2018 Aus Gov rolled out Mandatory Data Breach Notification laws that laid out the specifics for reporting a data breach, and the associated penalties for failing to do so (cough up to $2.1 million cough).

It’s critical that whether you’re operating under GDPR, the NDB, or otherwise, that you are familiar with your obligations and responsibilities following a data breach.

But of course, don’t stop at policy requirements. Consider how you can best meet your legal obligations while also maintaining the trust of your shareholders and protecting your public image.

Given the increased vulnerability of businesses during this pandemic, it is crucial that you are prepared not only from a security standpoint but from an operational and reputational perspective as well.

This pandemic has been an immediate and radical change for all of us. Alongside our scattered workforce, shifting work culture, and general pressures as an adapting business, the last thing any of us need right now is a frustrated & disheartened client-base due to poor incident response.

For more information on incident response and cybersecurity awareness, visit cyberaware.com!

Cyber Aware’s essential safety tips for returning to the workplace

As new cases of COVID-19 remain low, and discussions of lowered restrictions populate Australian news, it’s time that we take a step back and consider the new security challenges during our return to the office.

This pandemic has driven huge, immediate change at both a societal and cultural level. Within our own businesses, many of us have discovered a capability to keep the ship afloat without the benefits of the office, and a lot of workers will find themselves comfortably working from home on a regular basis.

While some predict that work-from-home is the new norm, and others are forecasting a mass return to the workplace, the reality is that we’ll likely land somewhere in between, especially while we work out the kinks of social distancing and beating this pandemic.

As such, Cyber Aware recommends that any workers, whether you’re frequenting the workplace or the lounge room, follow these key safety steps:

  • Be cautious about which devices you bring between the office and home. Just because your battery died and you had to use your home laptop doesn’t mean that it’s fit for use in the office. If your home device has a virus or any malicious content on it, bringing it to the office can expose the whole network. BYOD policy can seem trivial, but it’s been responsible for bringing down entire nuclear facilities, let alone your workplace. And, on that note:
  • Keep your work and personal devices separate! Not only will it be embarrassing to bring up your teenager’s search history during a work meeting, but it’s also a huge risk to access corporate, confidential data on the same device where your family browses the web & downloads unknown content.
  • Moving back to the office, it is a good idea to use a VPN not only at home but at all times. A common form of attack, especially for larger workplaces, is fake wi-fi and network compromise. Stay ahead of this by connecting to your business network through a secure tunnel, a VPN. (If you’re in a managerial position, we’ve always been huge fans of HackHunter for weeding out fake wi-fi devices.)
  • I think it’s safe to say that things have gotten a little bit laissez-faire during the lockdown. With so many distractions at home, the 9 to 5 has started to look more like a 12 to 12 with fifty breaks in between. Whether this is for better or worse, one thing is for certain; break any habits of using social media for work purposes. Simply put, any new platform you put work-data on is another platform it can be stolen or compromised through. Facebook and Gmail are not suitable avenues for delivering private data.

And of course, continue to maintain physical distancing measures, and continue to regularly wash your hands. The main point of lockdown was to avoid overwhelming the healthcare system; the virus is still a major concern regardless of current lockdown measures, so keep your physical safety and wellbeing as a top priority.

For more information on reducing risk and working from home, visit cyberaware.com/remote
