Every time a new report on cyber threats is released, new records have been set.
Cybercrimes have occurred on a larger scale than ever before, in more sophisticated ways, and accounting for unprecedented levels of financial losses.
Australia is a prime target for cybercriminals due to its relative wealth, high levels of online connectivity and increasing delivery of services through online channels.
In its Annual Cyber Threat Report, the Australian Cyber Security Centre (ACSC) highlights the four key cyber threats observed from July 2019 to June 2020.
Key cyber threats
Ransomware
Ransomware attacks typically target private sector organisations that rely on computer systems to operate. Files and electronic devices are encrypted rendering them inaccessible unless a ransom is paid, often in the form of untraceable cryptocurrencies such as Bitcoin.
Ransomware attacks have become increasingly prevalent due to the rise of “cybercrime-as-a-service”, whereby cybercrime techniques and tools are offered through darkweb marketplaces.
Malicious actors are becoming increasingly sophisticated and targeted in their approach. For example, some have tailored their ransom demands based on a victim’s financial standing. Others have conducted extensive victim research such as identifying and compromising external data backups, increasing the likelihood that a ransom will be paid.
Phishing and Spearphishing campaigns
Phishing involves sending fraudulent messages to a victim to facilitate the stealing of confidential information. It is the most common method used to target Australian organisations.
Spearphishing is a more sophisticated version of this crime, which is highly targeted. Cybercriminals research valuable individuals within an organisation through social media and publicly available industry information such as annual reports, impersonating the individual and tricking employees into providing sensitive information.
These communications can look extremely convincing, using company logos, branding and adhering to stylistic guidelines.
Business email compromise
In this scam, businesses and their employees are targeted using socially engineered messages or compromised email accounts.
These communications will fraudulently request payment transfers or the changing of account details on invoices or payrolls, to redirect funds into bank accounts controlled by the cybercriminal.
There has been a significant rise in the number of these cases over the past 12 months. In a recent case a consulting firm was tricked into sending $240,000 to a fraudster in Malaysia, after the boss’ personal email account was compromised.
At the time, the boss was on a work-related trip to Malaysia and an email was sent from his personal email to a woman working in the finance department, requesting urgent payment of an invoice to a supplier in Malaysia.
Exploitation of vulnerabilities
Cyber criminals are constantly on the lookout for vulnerabilities in widely used software applications, which they can exploit as part of cyber attacks.
Throughout the reporting period this type of exploitation was seen in action with Telerik, a company which offers products that provide functionality to web pages.
On 11 December 2019, a security vulnerability was published that affected some Telerik products. Sophisticated cyber actors then began scanning for unpatched Telerik versions – exploitation would allow an adversary to run code on a compromised server without authorisation.
What’s the financial impact?
As per the ACCC’s Targeting scams 2019 report, Australians lost over $634 million to scams in 2019.
While the true cost of cybercrime to the Australian economy is difficult to quantify, the report states that business email compromise was the top scam in terms of combined financial losses, at $132 million.
It’s important to note that the key cyber threats mentioned above are not mutually exclusive. For example, business email compromise scams involve spearphishing of a business.
Key takeaways
Cyber threats are becoming increasingly harmful. This is in part due to the increased sophistication of cyber criminals, but also due to our growing dependence on new IT platforms and interconnected devices and systems. The report states that while the 5G network and IoT devices have the potential to be revolutionary, they also require new thinking about how best to adopt them securely.