Cyber Crime Australia

Resilient by Design: Lessons from the Cube Cyber and Illumio Executive Roundtable

Cyber Attacks, Cyber Crime Australia, Incident Response, Threat Protection

Summary

At a recent executive roundtable co-hosted by Cube Cyber and Illumio, security leaders examined a critical weakness exploited in nearly every modern breach: rapid lateral movement after initial compromise. Recent incidents highlight that even mature, well-tooled environments can be breached when identity gaps, flat network architectures, and unmanaged legacy systems enable attackers to escalate privileges and pivot across the environment.

The discussion broke down how post compromise activity unfolds in real world scenarios and explored practical controls that limit propagation, including Zero Trust Segmentation, tighter east west visibility, and containment aligned to critical asset pathways.

The takeaway was clear. Resilience is not about preventing every intrusion. It is about restricting lateral movement, reducing blast radius, and keeping core operations intact when a breach occurs.

The Modern Reality: Breach Inevitable, Spread Preventable

The group began by confronting a sobering reality: breaches are no longer rare incidents, but an operational certainty. Modern attacks are designed for speed, scale, and automation, leaving security teams little time to react. Once an initial compromise occurs, lateral movement follows quickly, turning a single foothold into a full-scale incident.

Examples such as the Ingram Micro breach illustrated this challenge vividly. Attackers exploited a VPN entry point, harvested credentials, scanned internal systems, and eventually exfiltrated data, and deployed ransomware. Each stage of that chain is familiar and preventable, but only when visibility and containment techniques have been built into designs, and not simply as afterthoughts.

Lateral Movement: The Underrated Threat Vector

Participants discussed how lateral movement has become a defining feature of modern cyberattacks. Techniques such as Remote Desktop Protocol (RDP) exploitation and Server Message Block (SMB) traversal continue to dominate post-compromise activity, leveraging so called “Living off the Land” techniques to avoid detection by traditional EDR solutions The problem isn’t simply that these techniques exist, it’s that many environments remain too flat, too open, and too trusting.

Once an attacker breaches the perimeter, they often find minimal segmentation, limited firewall or flow logging, and partial visibility from traditional security tools like EDR or SIEM. The result is a porous environment where a single compromised system can become a launchpad for internal reconnaissance, credential harvesting, and lateral expansion.

AI-driven malware has only amplified this problem. Campaigns such as Akira or Oyster demonstrate how quickly automation can scale a breach. The attackers’ ability to move through hybrid and multi-cloud environments outpaces the traditional incident response playbook.

Resilient by Design: Breach Containment for the Modern Enterprise

One of the strongest themes that emerged was the need to move beyond reactive detection. EDR and SIEM tools remain essential, but they are not enough to stop movement once the attacker is inside. Over-reliance on legacy macro-segmentation approaches also limits effectiveness against today’s threat environment. The conversation shifted toward containment by design, the idea that security architecture should assume compromise and be structured to contain it.

Illumio’s breach containment model provided the framework for this discussion. By using strategic Zero Trust segmentation and intelligent labelling at a workload-level, organisations can ‘ringfence’ their critical assets, restrict unnecessary communication paths, and rapidly isolate threats without taking entire systems offline. Illumio’s platform and approach allows for rapid deployment of these containment strategies, allowing organisations to build resilience iteratively.

This selective containment approach was seen as a critical evolution from the traditional “kill switch” response. Instead of shutting down entire networks, predefined incident response policies can be quickly deployed to quarantine only the affected systems, keeping business operations running while the threat is neutralised.

The Role of Deep Visibility and IR Practice

The executives agreed that resilience depends on one thing above all: understanding what normal looks like. Visibility across workloads, users, and traffic flows enables earlier detection and faster decisions. When teams know their environment intimately, abnormal behaviour stands out.

But visibility alone isn’t enough, it must be paired with Incident Response (IR). The group emphasised that predefined incident response plans and tested containment procedures are the key to avoiding hesitation when a breach occurs. Preparedness transforms panic into process.

Cube Cyber’s perspective reinforced this operational focus. The company’s incident readiness work with clients has shown that response speed and clarity depends on visibility, policy alignment, and the ability to act without fear of disrupting the business.

Containment as Culture

Perhaps the most forward-looking insight from the roundtable was that resilience is as much cultural as it is technical. Containment cannot sit as a one-off initiative or an emergency response protocol. It needs to be woven into everyday operations. That means refining access policies, integrating segmentation principles into new IT projects, and aligning security operations with broader business objectives so that containment becomes a default design choice rather than a reactive measure.

Participants described this shift as moving from a defensive posture to a resilience mindset. The group noted that many organisations still rely heavily on compliance tick-boxes, assuming that meeting framework requirements equates to readiness. The discussion challenged that view. Compliance may be necessary, but it does not prepare an organisation for the speed and complexity of real-world lateral movement. A stronger focus on preparation for the inevitable and building a genuine containment culture emerged as a defining marker of resilience.

Lessons to Take Forward

The event closed with a series of practical takeaways that organisations can act on immediately using the Illumio platform:

Map your environment: Understand dependencies and communication paths across all assets using the Illumio Map. What is normal?

Manage your external attack surface: Leverage new tools like Illumio Insights to identify unprotected cloud-native assets, ensuring the organisation’s attack surface is understood.

Define and test containment policies: Build muscle memory for rapid isolation during incidents.

Adopt segmentation early: Limit exposure and control east-west movement before a breach.

Refine continuously: Use visibility tools and post-incident reviews to strengthen defenses.

The message was clear. Resilience is not achieved through tools alone, but through disciplined design and ongoing operational readiness. Many organisations understand the value of segmentation, yet the execution often falls behind due to complexity, legacy constraints, or uncertainty about where to start. The roundtable reinforced that platforms like Illumio can help simplify this journey, providing the visibility and structure needed to make segmentation practical and achievable as part of a broader Zero Trust approach.

Next Steps

The roundtable concluded with a shared recognition that breach containment is now a core requirement for every organisation. Building resilience requires visibility, preparation, and the ability to contain threats while maintaining business continuity.

For organisations operating across both on premises and cloud native environments, now is the time to assess how well your architecture supports containment by design. If you would like guidance on strengthening visibility and building rapid response capability, our team can help.

Learn how Cube Cyber and Illumio support organisations in building stronger containment strategies: Contact Us

November 24, 2025/by Andrew Oshea

SASE – Secure Access Service Edge: A Simple Overview

Cyber Crime Australia, Large Corporation, Remote Working, SME's

Over the past couple of years businesses and corporations have had to quickly adjust to a significant increase in employees working from home.

With increasing data coming from online sources into corporate networks, more SaaS apps being adopted and new types of traffic taking up increasing bandwidth (videos, collaboration, and shared editing of online documents), corporate data networks are struggling with the bottleneck of traffic.

VPN’s may now not be the best solution for your business. So, let’s talk about the latest next-generation security solution.

Pronounced ‘sassy,’ SASE is short for Secure Access Service Edge, a cloud-hosted framework that protects data, end users and applications by using both security and network services. The term was first coined by Gartner in August 2019, who have calculated that “by 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption, encompassing user, branch and edge access, up from 10% in 2020”.

What is SASE?

SASE is a security framework that uses existing technologies to deliver wide area network and security controls as a cloud computing service directly to the source of the connection rather than a data centre or business premise. Security is based on digital identity, real-time context, and company security and compliance policies.

SASE helps to solve the bottlenecking of traffic into the network, by effectively combining security as a service (SECaaS) and network as a service (NaaS) into a single cloud-based service.

This merging of services allows the end-user to work securely from any location or device, without compromising the same level of security you would have in the office.

Implementing it is not the case of buying a single product and setting it up but requires multiple steps to enable services on existing cloud-hosted platforms. For most businesses, the level of expertise required in setting up a SASE approach will mean collaborating with a trusted vendor who understands your business needs.

How does SASE work?

Current systems may look something like this; traffic comes in via MPLS, internal traffic, or the internet and enters the router, this is then processed through a VPN, and then once verified through a firewall, access is gained to the network.

Traffic ends up passing through the internet, security rules are applied, before being sent back out to the internet. This traffic is essentially passing through twice, meaning each security measure is essentially paying for double the amount of traffic, making this model inefficient and expensive.

With SASE, services are managed at the edge of the cloud, so secure communications are delivered to the specific resources the user wants to access, via the fastest path. This can help to provide the same level of security you would see in the corporate workplace, to any remote user, and from any location, device, or application, surely a necessity at this point in time.

The core components of the Framework

A SASE architecture can comprise of the following components:

• Software-defined wide area network (SD-WAN). SD-WAN can help simplify communications by finding the best route to the internet or cloud-based apps, optimising user experience.
• Cloud access security broker (CASB). CASB’s can secure cloud-based services by controlling data access and through data loss prevention (DLP). This prevents data leakage and malicious activity.
• Secure web gateways (SWG). SWG’s implement company security policies and filter any unauthorised access or suspicious behaviour. Any unsecure traffic is prevented from entering the network.
• Firewall-as-a-Service (FWaaS). FWaaS encompasses URL filtering, intrusion prevention systems (IPS), and threat protection to prevent cyber-attacks on cloud-hosted platforms.

There are also further recommend levels in the model including Sandbox, WAF, NAC, NGAN/ EDR and browsing Isolation. For an optional level you could also include a VPN or WLAN.

How can SASE benefit my company?

With more people than ever working from home, businesses of all sizes are needing to implement big security changes, fast. With cybercrime on the increase, there is no better time to convert to a SASE framework and secure every single user, device, and application entering your network. The time for updated cloud-based security is now.

Benefits of using SASE:

• Costs are lowered due to fewer hardware installs and a simplified system.
• Latency is reduced by finding the quickest path to the network.
• Zero-trust ensures secure data is only accessed by those authorised.
• Better performance and efficiency as users can access the network from anywhere.
• Keeps your data secure, within the network and prevents web attacks and malicious activity.

Implementing SASE

Steps your organisation can take to implement a SASE approach:

• Move branch offices to a cloud-based perimeter.
• Set up zero-trust network access (ZTNA) for all users.
• Simplify your setup (VPN’s, CASB, SWG) to combine services into a single, more effective system.
• Use an SD-WAN based network, as opposed to MPLS.
• Ensure you have a high-performance edge network to reduce latency issues.

The SASE infrastructure can be overwhelming. If you think your business could benefit from a SASE framework, or you simply just want to find out more, then please do not hesitate to contact one of our experts at Cube Cyber. We are always happy to help.

April 21, 2022/by Andrew Oshea

GDPR Cyber Security and How It Might Impact Your Business

Cyber Crime Australia, Large Corporation, SME's, Threat Protection

The European Union’s General Data Protection Regulation (GDPR), came into effect back in May 2018, but what does that mean for Australian businesses and cyber security?

What is GDPR?

First of all, what actually is GDPR? The GDPR is short for General Data Protection Regulation. It was brought in by the European Union on 25th May 2018. The regulations were created to give individuals more control over their personal data and to ensure businesses comply with how they handle personal customer data. This data could include name, address, IP address, phone number, email address or location data.

It is worth noting that an IP address or a transaction ID alone is not enough to identify an individual. However, if you only collect this information the rules are likely to still apply to you. While this data seems anonymous, if you were to cross-reference a transaction ID with your online store data, the individual could be identified. Therefore, the GDPR regulations will still apply, even though you may not be openly collecting personal information.

If you are collecting detailed personal information such as gender, biometrics, ethnicity, or personal data about children, then you will need to be extra careful when handling this data.

Is GDPR relevant to Australian businesses?

Even though you may not be a business in the EU, you may still have to comply with GDPR regulations.
Any business, no matter where you are in the world will need to comply with GDPR if they process any personal data from a person living in the EU. This could be a client, customer or even someone signing up to your online newsletter or visiting your website.

For Australian organisations it is likely that you will be dealing with customers or suppliers who are from the European Union. If this is the case, then GDPR regulations will apply to you.

The basic values or rules concerning GDPR is that you must tell the person that you are collecting their data, what specific data you are collecting and how you will use that data. You must have a lawful reason to collect someone’s data and only use the data for the reasons you have told them. You must get an individual’s consent before collecting any personal data from them.

For example, if someone is signing up to an email newsletter, you must include consent boxes for email marketing, if any future emails will be used to advertise or promote your business. If you state to the customer that by putting in their name and email, they will get some sort of ‘freebie’ or a monthly newsletter with tips for businesses, you cannot then use that email for advertising purposes, as that is not what the person signed up for. You will need a consent box that clearly states by adding their email, they may receive advertising and promotional emails. It is up to the individual to decide and if they do not want such emails, so you must only send emails for the reasons you have stated in the sign up form.

The data should be secured safely and not be held for any longer than need be. You should have a detailed privacy policy which is easy to read and understand, outlining what information you are collecting and what you are doing with it. You also need to state that you will delete all personal data upon an individual’s request.

GDPR cyber security

In terms of GDPR cyber security, you will need to ensure that personal data is processed and stored securely, in order to lower the risk of any data breaches. Not only does a major data breach hurt a company’s reputation, you may also be liable for a hefty fine (up to €20 million or 4% of worldwide yearly income), if you have not fully complied with GDPR regulations. This is enough for cyber security professionals to up their game and to ensure businesses have the best protection to prevent any data loss.

Organisations should make sure that only authorised staff can access any personal information from customers or suppliers. Limiting the amount of people who can access that data and ensuring only those who need the data for their jobs are allowed access, can help prevent accidental data breaches. Those employees who do have access to sensitive customer data should also have training on how to handle, store and send any data and to make sure it complies with your privacy policy.

Any data you collect that can be adnominalized or ‘Pseudonymised’ should be. This will make it harder to identify individuals. Whether you are the controller (the person who decides what data is collected and how) or the processer (the person collecting, storing, and organising the data), you are liable if any information is leaked. If you are working with a third-party processer, such as Mail Chimp for email marketing, then you should ensure they also are complying with GDPR regulations.

Data Loss Prevention (DLP) devices should be implemented to ensure that data is kept secure and personal information is not shared outside the company. In case of an unfortunate data breach, you must have an incident response plan already in place. This sets the groundwork for how you deal with a cyber attack, from identifying the attack and what data has been lost, to containing the attack, notifying the Data Protection Authority, and then recovering and learning from the incident.

For the best protection for GDPR cyber security, it is best to have a multi layered security solution. Firewalls will help prevent malicious software from entering or leaving your network, endpoint protection will help secure all devices (or entry points) into the network, VPN’s and other encryption tools will ensure data is kept secure and cloud security will protect data storage. Managing and monitoring threat detections is also key to preventing any attempted attacks early.

Risk assessment and vulnerability scans need to be performed to assess cyber security solutions and to make sure everything is working correctly.

If you are worried about GDPR cyber security, or would like advanced protection for your organisation, then get a quote with Cube Cyber today, and our friendly experts will talk you through everything.

March 2, 2021/by Andrew Oshea

Cyber Security Australia: Increasing Attacks on Businesses

Cyber Attacks, Cyber Crime Australia, Large Corporation, SME's

Cyber security in Australia is an essential tool to protect businesses both large and small, from advancing cyber crime threats. In this current environment it is vital that no matter the size of the company, everyone is doing what they can to stay secure online.

In the past, businesses only had to really worry about the physical security on their business, easily implemented by security gates and CCTV cameras. In recent years however, there is a new threat. One that we cannot see but it is very real and potentially even more damaging.

Cyber crime is on the rise and attacking Australian businesses. In fact, according to a post by Infosecurity during the first six months of 2020 alone, ransomware payments doubled. With hackers finding new ways to compromises organisations, these ransom demands are likely to increase.

Scott Morrison cyber attack

Back in June 2020, an attack on Scott Morrison’s government was carried out by a state-sponsored actor. This attack was not just on the prime minister but on all levels of government from the healthcare industry, education, political sectors, and other primary sectors in the infrastructure.

It is unclear whether these state-actors got what they came for or what they will do with the information. Reasons for foreign state-actors infiltrating other governments could be to send a warning, to spy, find out sensitive information or research, or to steal data for financial gain.

Whatever the reason behind this attack, it only goes to show that even the most high-profile of organisations can be the victim of cybercrime. Whether you are a large government agency or an individual running a small business, cyber security needs to be a priority.

Increasing vulnerabilities in cyber security Australia

Why are there increasing cyber security attacks on Australia? Cyber security in Australia needs to be at the top of every organisation’s priority list. Australian businesses have money to steal. A wealthy economy that makes use of the latest technologies will always be at risk from harmful cyber threats.

In the current situation with the pandemic, we are seeing even more cyber threats to Australian businesses. In April 2020, the Australian Cyber Security Centre (ACSC) reported an increased in the amount of COVID-19 themed cyber attacks. Hackers and cyber criminals are taking advantage of the fear and uncertainty of coronavirus, as well as the increased in people working remotely.

For smaller businesses, where the level of cyber security may be limited, this can put SME’s at a greater risk. For smaller business check out this helpful graphic from the government site on best cyber practices.

The ACSC has recently warned the healthcare industry of the latest attacks that have been seen rising throughout the pandemic. One of these threats is SDBBot Remote Access Tool (RAT). This piece of malware is used by criminals to remotely take over multiple systems within an organisation. Hackers will go through the system and copy any sensitive information they can use to sell or blackmail the victim. Another recent attack is named Cl0p ransomware. Once a hacker has gained access using RAT, they can then use Cl0p to encrypt the organisations files to make them unreadable (in order to charge a ransom).

October 2020 saw German company Software AG fall victim to this attack. The hackers demanded US$20 million in ransom. The company’s data was leaked online after they did not pay the ransom.

Cyber threats are also increased with many staff members country-wide now working from home, often using insecure devices such as smartphones, personal laptops and devices used via the Internet of Things (IoT). When using insecure devices or networks, the chance for a data breach is greatly increased.

The more applications, devices, systems, networks, and Wi-Fi we use, the more chance of malware being infected into businesses. Once a company has been compromised, it is at risk from a ransomware attack, stolen money, damage to internal systems and devices, customer information being leaked, identity theft and more. If personal customer data has been leaked, you may also be facing more hefty fines for breaking data protection laws. Risking a cyber attack is simply not worth it.

What is the Government doing in cyber security?

The 2020 cyber security strategy from the Australian government has said it will invest $1.67 billion in cyber security, over the next ten years. The strategy outlines detailed advice for individuals, SME’s, large corporations, and government sectors.
There are three sectors the report details, where cyber security practices and different approaches need to be put in place: government, businesses, and the community.

Government

• Safeguard essential infrastructure, crucial services, and families
• Tackle cyber-crime, together with the dark web
• Protect government information and systems
• Sharing cyber threat intelligence
• Keep cyber security alliances strong
• Help organisations to implement cyber security practices
• Improve resources for cyber security

Businesses

• Enhance standard cyber protection for critical services
• Advise SME’s of best cyber security measures
• Deliver secure merchandise and services to customers
• Develop trained personnel in cybersecurity
• Monitor and stop attempted malware hacks

Community

• Advise and guide individuals on cyber security
• Make familiar buying choices
• Ensure cyber incidents are reported
• Know how and where the find cyber support

The report documents clear advice and guidance for individuals, businesses, and government sectors. They will do this by providing advice on the latest cyber threats, how to keep your business and devices secure, including the Internet of Things (IoT), and by stating clear obligations for businesses.

Each sector will have a role to play. Governments need to ensure they are protecting the most essential infrastructure and Australian businesses. Business themselves should make sure their products and customer data are made secure. Individuals need to stay vigilant and to understand the cyber threats on the web, before releasing any personal data or buying goods online.

The 2020 Australian cyber security strategy provides all Australian’s and organisations the tools they need to stay cyber secure. The strategy hopes to build trust and awareness of cyber security attacks in Australia and to advise on how to deal with those attacks. By addressing the community and organisations as a whole, this guidance provides a valuable tool for everyone to implement good cyber security measures, whether at home or work.

Cyber Security protection from Cube Cyber

Here at Cube Cyber, we are passionate about protecting businesses of all sizes. We believe in going that extra mile to protect our customers businesses. We build lifelong partnerships and provide the best protection to our customers.
For more information about our services please visit our contact page.

Psstt…we are also on LinkedIn and would love for you to give this article a share!

February 12, 2021/by Andrew Oshea

Cyber Security Risk: What would it cost if your company could not work for one day?

Cyber Attacks, Cyber Crime Australia, Large Corporation, SME's

Cyber security risk is a problem all companies face, from large corporations to small, independent businesses. But cyber security is much more than a simple IT issue, it can have a huge impact on your revenue…and reputation.

Have you ever thought about what you could lose if your business were to go offline from a distributed denial-of-service (DDoS) attack, or if your employees could not work on files after they have been hacked into and encrypted? What would just one single day of not being able to work cost your company?

You would not leave your house or your car before locking it first, so why not protect the most important aspect of your business- the money making. Cyber security should not be thought of as another chunk out of the budget, but an essential tool to protect the core of the business. Cyber security and revenue really do go hand in hand.

Many companies, particularly small businesses, and SME’s, see cyber security risk as something that may or may not happen to them, perhaps not considering the full implications of what a cyber attack would have on their organisation.

Businesses no matter the size are at a risk of all kinds of cyber threats from phishing attacks (the number one and most common cyber attack), ransomware attacks, DDoS threats, malware attacks and more. These cyber threats are ever-growing and are always being developed to become even more sophisticated. It is vital that whatever the size of your organisation, cyber security risk is taken into account and taken seriously. But how do we do this?

How businesses can calculate the risks

A cyber security risk assessment is a vital start for any business looking to purchase cyber security. Before you know which solutions will work for your company, you must first assess the risks. Every organisation should individually access their own risks, as this of course will vary from business to business. The Gov website has more information here.

By looking at the risks and performing a security assessment, you can determine the strengths and weaknesses of your systems, any weakness or vulnerability holes in your systems and how effective your current cyber security plan is working. From here, you will be in a better position to implement practical solutions in the right areas.

When calculating the cost of potential cyber security solutions, you should ask yourself what it would cost if your company went down for just one day. What would you lose in sales, revenue, potential new customers, even reputation? Work this out, and you may find that the cost of a single day is the same or greater than the yearly cost of cyber security protection. Those not willing to invest in the right cyber security solutions are taking a huge risk, particularly for SME’s who often find it hard to even recover at all from a cyber incident.

When completing a cyber security risk assessment, you need to identify the main cyber threats to your company. Most businesses all have the potential to be a victim of common cyber attacks, such as phishing, malware and ransomware attacks, but some organisations may be more likely to face other types of attack. For example, a government organisation may be at extra risk from cyber espionage or the healthcare industry may be at risk of advanced domain hijacking or DDoS attacks.

Once you have a list of the most vulnerable threats, you will need to determinate how each of those attacks would affect your business.

If your files were encrypted in a ransomware attack, would you have backups of that data?
And what would the implications be if any sensitive files were to be uploaded to the dark web?
How would you deal with data protection laws?
If hackers were able to take your ecommerce site offline for a day, or even a few hours, what would you gain to lose from loss of sales?
If any of your machines are physically damaged, what would the costs be to replace them?
How will you regain trust back in any customers who have lost faith in the reputability of your organisation?
Do you have a recovery plan for a data breach, do your staff know what to do in the event of an attack?

These are all questions which will need to be answered. Once you have an idea of the threats to your business and how they will affect you, you can start to determine the right solutions to protect against each threat. Order the threat list in terms of the highest priority or threat level, to the lowest, putting security in place for the biggest threats first.

How a cyber security risk assessment can help

The biggest benefit, other that being protected from cyber threats, is the long term cost for an all-round cyber plan. The cost of cyber security will likely be lower than the cost of recovering from an attack. Applying a risk reduction point of view can help protect your businesses revenue and most valuable assets.

A complete cyber plan will protect your organisation against data breaches, comply with data protection regulations, prevent the loss of sensitive files, and help prevent malicious activity from entering your network. If you think that the cost of an annual cyber subscription may be the same as a day’s revenue, then it is really a no brainer.

At Cube Cyber, we can help both SME’s and large corporations come up with a complete cyber protection plan. We do all the hard work, finding the vulnerabilities in your systems, implementing advanced cyber solutions, and then monitoring and reporting back to you.

For any questions or details, please ask one of our cyber experts via our website.

February 12, 2021/by Andrew Oshea

Data Breaches and Cyber Crime in Australia

Cyber Attacks, Cyber Crime Australia

Cybercrime is a widespread threat, targeting Australia and our businesses, country wide. Small to medium enterprises (SME’s), government organisations, large corporate companies and individuals are all at risk from increasing threats from the latest cyber threats and data breaches.

The Australian Competition and Consumer Commission’s (ACCC) Targeting Scams 2019 report identified Australians lost over $634 million to scams in 2019. This however might not be the true figure as the real cost of cyber attacks is hard to estimate. It is believed to be more likely in the billions every year.

Cybercriminals are attracted to the wealth of Australia and the enormous amount of online activity, that is ever-increasing. Cyber criminals will only take advantage of the increase in online networks, especially with the pandemic forcing more businesses to go online. The opportunity is there for criminals to make even more profits than ever before.

During March 2020, cybercriminals quickly adapted their phishing methods to take advantage of the COVID-19 pandemic. A current report from Avast indicates that individuals have around a 5% higher chance of a cyber-attack than the previous year.

Australian businesses need to protect themselves even further from data breaches and cybercrime now, more than ever, as COVID-19 related scams are on the rise. Framework from the Australian Government’s Australian Signals Directorate (ASD) suggests safter ways to work online for enterprises.

Types Cybercrime that can Occur

Types of cyber scams that are out there:

Cyber abuse – Cyber criminals may bully, harass, or stalk you or your business online.

Online Image and Blackmail – Images of you have been shared online without permission or someone is blackmailing you with the threat of posting certain images (including personal/ intimate images or videos).

Online shopping scams or persuasive fraud – When users are duped or convinced into sending money or supplies to somebody online.

Identity theft – Your personal or business identity information is stolen, and someone is accessing your online accounts with that information.

Email scams – Receiving an email including false information, or imitating a company, that has led you to send money online.

Internet fraud – When money has been taken from your account, after clicking on a malicious link or allowing remote access to your computer.

Data breaches from malware – Your system or device have been hacked from someone you may then demand money.

Data Breaches in the last 12 months

In the last year, we have seen a number of cybercrime incidents of Australian and New Zealand businesses. One of which was the attack on 47 Service NSW staff member’s email accounts, which resulted in data breaches of 186,000 customers and staff.

Resulted data breaches had to be analysed over around 3.8 million documents and 738GB of data (including transaction receipts, scans, notes and forms), over the course of a 4-month investigation.

Then there was the disruption to the New Zealand stock exchange, which halted activity over the course of four days. Surprisingly, the DDoS attack that coursed the disruption is a fairly straightforward type of cyber-attack. A sizeable collection of computers will attempt to connect to an online service at the same time, overpowering its capacity, and disrupting the system. Devices used for the attack will usually have some sort of malware attached.

Back in February, the transport company Toll had to shut down all computer systems across several sites, due to a ransomware attack, leaving customers waiting for undelivered parcels.

The Office of the Australian Information Commissioner (OAIC), reports information from the Notifiable Data Breaches (NDB) scheme to help small and medium size business and enterprises, as well as individuals, understand the statistics of data breaches and cyber attacks. A report for the period from 1 January 2020 to 30 June 2020 shows that human error is the cause behind 34% of data breaches and the health sector is one of the hardest hit industries, reporting 22% of all breaches, 115 during that period.

The finance sector fell second behind healthcare for the amount of date breaches from January to June 2020, reporting 75 breaches; education had 44 breaches during the 6 months, insurance 35 and legal 26.

The same report shows that malicious or criminal attacks were the most common, accounting for 61% of all reports. This includes phishing attacks, malware, and ransomware scams. The OAIC report also shows ransomware attacks are on the rise from the previous 6 months, with an increase of 150%.

Out of all cases reported, 84% of personal information was breached, including home addresses, phone numbers and email addresses. Over a third of breaches involved identity information, which incudes government identity numbers, passport numbers and driving licence numbers.

Australian businesses now have to comply with Notifiable Data Breach laws in order to help protect the personal information of individuals and the organisation. Failing to comply with disclosing data breaches can result in big fines for companies.

Organisations have to but vigilant against cyber attacks and make the necessary changes in order to protect themselves and their customers. This can be done in a number of ways from making sure staff are educated on cyber awareness, performing cyber security audits, and investing in a complete security system.

If you are part of a small or large organisation, and are worried about your levels of cyber security, then why not talk to one of our experts at Cube Cyber.

Chat to our friendly professionals for a free assessment of your cyber security needs at 1300 085 366 or book in your free assessment here.

December 9, 2020/by Andrew Oshea