Recoveriescorp

Cybercrime on the Rise

At this very moment, someone is clicking a link in a spam email or activating macros in a malicious document. In a few seconds, all their data will be encrypted and they’ll have just a few days to pay hundreds of dollars to get it back. Unless they have a backup, which most people don’t.

Ransomware is malicious software that incorporates advanced encryption algorithms, making data or systems unusable until the victim makes a payment, usually through untraceable electronic transactions such as Bitcoin or iTunes gift cards.

Prime Minister Malcolm Turnbull gave the green light in June 2017 for the use of offensive military cyber-warfare operations to shut down and destroy foreign criminal networks. He cited 114,000 reports of cybercrime registered since 2014 with the Australian Cybercrime Online Reporting Network (ACORN), a national policing initiative of the Commonwealth, State and Territory governments under the National Plan to Combat Cybercrime, and 23,700 in the past six months.1

To beef up national security against cybercrime, conservatively estimated to cost the Australian economy $1 billion each year, the federal government has committed $630 million over the next ten years.2

With an upward trend in large-scale ransomware attacks and the number of data breaches reported globally, mandatory data breach notification will become law in Australia in February 2018, placing privacy compliance and cyber security in sharp focus.

On 12 May 2017, ransomware named “WannaCry” stormed through the web, infecting 200,000 machines in the first few hours in what would be the biggest cyber-attack in Internet history. Leveraging a vulnerability in the Windows OS first discovered by the NSA, and then publicly revealed to the world by the hacker group ‘the Shadow Brokers’, “WannaCry” was able to cripple organisations such as Renault and Britain’s NHS.

A few weeks later, a ransomware strain began spreading through Europe, affecting companies, Ukrainian institutions and banks and even the radiation monitoring system at Chernobyl.

Ransomware has been on the rise over the past two years, and these attacks are just a culmination, revealing to the world just how big a threat it is.

What should you do?

Businesses need to examine their cyber security posture and have arrangements in place to protect the security of their information systems.

The Australian Cyber Security Centre (ACSC), an Australian Government initiative that brings together existing cyber security capabilities across Defence, the Attorney-General’s Department, Australian Security Intelligence Organisation, Australian Federal Police and Australian Crime Commission, has advised that, if you are affected by a ransomware incident, you should contact your service provider immediately.

Depending on the size of your business, there are some designated authorities you can contact to report the incident. Small businesses with an annual turnover of less than $2m are encouraged to contact the ACORN, and large businesses, while following normal procedures, should report to the ACSC on 1300 CYBER1 or 1300 292 371.

The present threat landscape is dominated by well-defined and well-funded groups that employ advanced technical tools and social engineering skills to access computer systems and networks. Even more cyber-criminal groups are hired by large states to target not only financial objectives, but also political and strategic interests. Cyber criminals have as much impact over your data and your security as you give them. We’re not powerless, and there are a handful of things we can do to avoid ransomware.

The Australian Signals Directorate’s (ASD) Strategies to Mitigate Cyber Security Incidents, or the ‘Essential Eight’, is a prioritised list of practical actions organisations can take to make their computers more secure.

The top 4 strategies are listed as: application whitelisting; patching applications; restricting administrative privileges; and patching operating systems.3

As reported in Insurance Business on 4 July 2017, the Australian Reinsurance Pool Corporation (ARPC), the statutory authority that administers the terrorism reinsurance scheme's insurance cover, is putting cyber terrorism on the agenda of its tri-annual review.

The ARPC provides primary insurers with reinsurance for commercial property and associated business interruption losses from incidents declared by the federal treasurer as a terrorist event.

ARPC’s head, Chris Wallace, advised The Australian that “the next review of the public financial corporation in late 2018 should consider extending the scheme’s coverage to cyber-terrorism.”

The ARPC provides back-up insurance coverage for 22 insurers worldwide, covering major commercial and infrastructure assets in Australia.

Remember, there are no silver bullets when it comes to protecting your business against cyber-crimes, and a multi-faceted approach focused on prevention is always the best defence.

Stay Safe! 

 

1 http://www.afr.com/technology/cyber-attacks-rife-in-australia-20170629-gx17j9

2 https://cybersecuritystrategy.pmc.gov.au/foreword/index.html

3 https://www.asd.gov.au/publications/protect/essential-eight-explained.htm