The annual Cyber Threat Report by the Australian Signals Directorate (ASD) was released this week, containing insights that every Australian business and citizen should read. The ASD received 94,000 reports of cybercrimes over the past year, 23 percent more than the previous financial year.
The sheer number and scale of data breaches in the region have resulted in one in three Australians finding their personal data in the hands of cybercriminals. With the ever-increasing sophistication of phishing emails (the most successful attack vector) the requirement of security awareness and knowledge for your end users is at a critical level.
Here are some key insights from the report.
The top ten reporting sectors were:
- Federal government
- State and local government
- Professional, scientific and technical services
- Education and training
- Healthcare and social assistance
- Financial and insurance services
- Information media and telecommunications
- Retail trade
The average cost of cybercrime:
- Small business: AUD $46,000
- Medium business: AUD $97,200
- Large business: AUD $71,600
Top 3 cybercrime reported by businesses:
- Email compromise
- Business email compromise fraud
- Online banking fraud
“Australian governments, critical infrastructure, businesses and households continue to be the target of malicious cyber actors. This report illustrates that both state and non-state actors continue to show the intent and capability to compromise Australia’s networks. It also highlights the added complexity posed by emerging technologies such as artificial intelligence.” - The Hon Richard Marles, MP, Deputy Prime Minister and Minister for Defence
There are several things that businesses can do to increase their basic cyber hygiene and avoid the relentless onslaught of cyber attacks. These include:
- Enable Multi-Factor Authentication (MFA aka 2FA) utilising a third-party authenticator app on every online service.
- Invest in a password manager to ensure all login details are unique and complex.
- Update all your software and enable automatic updates.
- Regularly back up essential files.
- Keep up to date with the latest cyber threat landscape.
- Implement ongoing, relevant, and engaging security awareness training for everyone in your business and include an opportunity for everyone to apply their knowledge using simulated phishing emails.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.