Increasing cyber threats to digital businesses

Cybersecurity | IT support

Australian businesses have embraced digital transformation (DT) with gusto. About two-thirds of businesses surveyed by professional services consultancy KPMG said they’d accelerated their DT strategy and boosted their budgets accordingly, thanks to the pandemic.

As a result, KPMG points out five key challenges now facing online businesses that you should consider:

  • Ramp up technology to link front, middle and back offices
  • Streamline how customers deal with your business online
  • Improve your digital connection with your suppliers and service providers
  • Rethink your talent pipeline to look internally as well as externally
  • Ensure digital technology enhances the resilience and agility of your business.

These are overarching challenges, and this article will cover a range of strategies and tips to keep your business ahead.

Exposure to new risks

As Forbes Tech Council says, we’re seeing a business and technology do something of a tango dance. . This year, we’ve been hearing about data breaches, phishing, ransomware attacks and targeted cyber attacks. They target:

  • Personally identifiable data
  • Information that identifies customers
  • Financial information
  • Behavioural data including facial recognition, contact tracing, temperature measurements, and location-tracking systems.

Hackers can hold data or operations to ransom. In fact, hackers’ ‘dwell time’ within an organisation’s IT system is usually up to 20 days. You may not even know they’re lurking there. As soon as you’ve found out your business has been cyber attacked, whether it involves ransomware or not, you should report it to the proper authorities.

The emerging cyber threats

Chances are cyber threats to your business won’t come from Australian ‘bad actors’. Business Australia says less than 10% of cybercrime happens in the same geographic location as the target.

An emerging threat to watch out for is through IoT (Internet of things) devices, such as cars, home appliances, that have electronic sensors for connectivity and data exchange. Your IoT systems are vulnerable if they don’t have the same security level as your network. Botnets, a collection of Internet-connected devices that each run a bot, can wreak havoc through Distributed Denial-of-Service attacks, send spam, steal data or take over the electronic device and connection. Worse, botnets have been morphing into hivenets – botnets that think for themselves.

Another increasing risk involves a hacker sending an email purportedly from senior management to a co-worker asking for funds or information.

You may have heard of what The Guardian calls possibly the most powerful spyware developed – Pegasus. It can infect your iPhone or Android device with a ‘zero click’ attack via the operating system’s bugs. You won’t even know Pegasus is on your phone. The malware turns it into a 24-hour surveillance device. It can use your camera and turn on the microphone to record you. Find out more from this article in The Conversation.

How’s your cyber hygiene?

Shockingly, human error underpins 90% of successful cyber attacks. Check out the Australian Government’s Cyber Security Assessment Tool, which will prompt you to:

  • Back up your data
  • Secure your electronic devices and online network
  • Ensure you encrypt important information
  • Use multi-factor authentication
  • Better manage passphrases (use them instead of passwords)
  • Monitor who’s using your business computer equipment and systems.

You can also boost your risk management with cyber security policies, procedures and frameworks you roll out for your entire business. These, as well as staff training, clear delegation of roles and a breach response plan, should be your priority. How to triage, treat and mitigate cyber risks should be an integral part of your business continuity plan.

That might sound like a lot for a small-to-medium-sized enterprise, but hackers know and hence target this sector because they’re unlikely to have in-house security experts. It’s important to know that eight in 10 SMEs who suffer a breach go under within 12 months, says Business Australia. A new trend is for a group of small businesses and not-for-profit organisations to join forces with cybersecurity specialists for a collective cyber defence that offers real-time scanning and intelligence sharing. Keep a look out for cyber security firms offering this solution.

Where does insurance fit into risk management?

Cyber security insurance adds an extra level of protection and peace of mind for digital businesses. Make sure the one you opt for covers:

  • Liability
  • Cyber investigations costs
  • Public and customer relations
  • Legal
  • Compensation
  • Regulatory fines.

Some policies also offer free cyber consultation, access to an around-the-clock cyber incident response team, multimedia liability, system damage, computer crime cover and unlimited period for business interruption cover. There’s a lot of complexity with this cover, so we’d be happy to guide you through the options for your digital transformation journey.

The script used to hijack the company’s VM setup was only 6kb in length but contained variables including different sets of encryption keys, email addresses, and options for customizing the suffix used to encrypt files in a ransomware-based attack.

The malware created a map of the drive, inventoried the VM names, and then powered each virtual machine off. Once they were all disabled, full database encryption began. OpenSSL was then weaponized to encrypt them all quickly by issuing a command to a log of each VM’s name on the hypervisor.

Once encryption is complete, the reconnaissance files were overwritten with the word f*ck and were then deleted.

Big game ransomware groups including DarkSide — responsible for the Colonial Pipeline attack — and REvil are known to use this technique. Sophos says the sheer speed of this case, however, should remind IT administrators that security standards need to be maintained on VM platforms as well as standard corporate networks.

“Python is a coding language not commonly used for ransomware,” commented Andrew Brandt, principal researcher at Sophos. “However, Python is pre-installed on Linux-based systems such as ESXi, and this makes Python-based attacks possible on such systems. ESXi servers represent an attractive target for ransomware threat actors because they can attack multiple virtual machines at once, where each of the virtual machines could be running business-critical applications or services.”

SOURCES:https://latest.insure/

Contact us today to find out more about how you can protect your infrastructure against the latest Ransomware attacks.02 9387 3888 or Contact Form.