Find out why tight cyber security measures for your church or charity are more crucial than ever
Often when people talk about crime and security they are thinking of the threat of intruders and how to best secure their physical property.
This is very important of course. But it could also be easy to overlook or forget about the hidden and often unseen dimension of crime that lurks over the internet.
Here are some sobering facts:
- On average, 164 cyberattacks are reported each day which equates to 1 every 10 minutes. Many more may go unreported as well.
- The cost of cybercrime to the Australian economy is around $29 billion per year.
- The most commonly reported cybercrime in 2019-20 was online fraud. This was followed by identify theft.
- Cyber threats intensified with the pandemic as people started spending more time online and working from home.
Recent victims of cybercrime in the business world include:
- BlueScope – Australian steel-maker BlueScope was reportedly hit by ransomware attacks that affected some of its IT systems and caused serious disruption to its operations. In response the company enhanced its cyber-security.
- Toll – the shipping giant suffered two ransomware attacks during 2020 that resulted in data theft.
- Levitas – the hedge fund was forced to close down after it responded to a bogus Zoom invite that installed malware and led to the theft of millions.
These sorts of attacks not only impact big business though. They can also happen in small businesses, not-for-profits, and households.
Cyber trends for 2021
Cybercrime is on a ‘growth’ path, unfortunately! Here are some of the latest trends:
- Ransomware is the fastest-growing threat in Australia. It is also becoming more sophisticated.
- Identify theft attempts are expected to rise in the coming year.
- The IoT (internet of things – which refers to all kinds of ‘smart’ devices connected to the internet) will also become more vulnerable without strong security measures in place.
- Financial services and other kinds of service providers are likely to become prime targets.
- While operating in the cloud is generally very secure, extra layers of security are recommended on top.
The Australian Cyber Security Centre (ACSC) guide recommends the following measures for small businesses (which could also apply to not-for-profits):
- Software updates – the guide recommends turning on auto-updates and regularly checking for new updates as well.
- Regular data backups – this is not a new thing, as backups have always been advised ever since computers became available to small business and households. ACSC also reommends turning on automatic backups where possible.
- Mutli-factor authorisations – this involves setting two or more identity proofs for access, such as a password combined with a one-time SMS code.
- Access control – organisations should set very clear limits regarding who has what level of access to systems.
- Use of passphrases – refers to the use of a string of words or a sentence rather than just a single password.
- Training – it’s important to train yourself and your staff to recognise suspected scams and threats.
- Reporting mechanisms – all small businesses or not-for-profits should have a plan in place for reporting and responding to cyber threats. (See our previous post for more information on setting up an e-crime plan).
Check your insurance!
Cyber insurance provides financial protection in case of losses due to online attacks, so make sure yours is up-to-date!
Contact our office to discuss your policy or for assistance with your organisational cyber risk management.
Written by TessTags: data, security