Escalating tensions between the United States and competing countries are reshaping the cyber-security landscape – with severe implications for Australian businesses and government organisations. The United States set down its case in a cyber strategy document released in late 2018 and has escalated its measures from there. According to the document, the United States had adopted a vision of ‘a shared and open cyberspace for the benefit of all,’ but its adversaries had conducted economic espionage and malicious cyber activities that had damaged individuals, commercial and non-commercial interests and governments across the world.
The document listed Russia, China, Iran, and North Korea as challenging the United States in cyberspace, ‘often with a recklessness they would never consider in other domains.’ Since then, the United States Government has issued executive orders to shore up a cybersecurity workforce short of 300,000 practitioners and more importantly, to declare a national emergency and bar United States companies from using foreign telecommunications equipment made by companies it considers a national security risk. The initiative is already causing consternation among local users of smartphones from one supplier – a leading United States-headquartered company is reportedly restricting the supplier’s access to its applications and operating system.
Businesses need to monitor and respond quickly to these measures and the evolving security landscape. Companies exposed to the United States will need to evaluate the risks of doing business with firms targeted by current and future executive orders. Given Australia’s close relationship with the United States, local organisations will also need to remain aware of the ongoing risk of cyberattack or espionage from individuals or groups acting on behalf of ‘cyberspace challenger’ countries.
Some of the steps businesses should take include ensuring cyber-security planning including incident response is up to date and people know their roles and responsibilities; checking that anti-malware products are installed and up-to-date; and that employees are aware of potential cyber-threats and the steps they need to take to minimise risk. If you would like to learn more, please contact email@example.com.
The cyber security spotlight has been directed firmly at ransomware in recent times. Yet a recent report in the United Kingdom highlights the fact phishing remains a real headache for businesses, government organisations and not-for-profits. The Cyber Security Breaches Survey 2019, conducted by the Department for Digital Culture, Media and Sport, found nearly one third of businesses (32%) and about one fifth of charities (22%) experienced cyber-security breaches in the previous 12 months. Of these, 80% of businesses and 81% of charities experienced phishing attacks – a considerably higher percentage than those that experienced viruses, spyware or other malware, including ransomware (27% of these businesses and 18% of these charities).
So what are the key differences between phishing attacks and ransomware attacks – and why are phishing attacks a deep concern for businesses? A phishing attack generally involves a malicious person using social engineering techniques to trick a person into supplying sensitive personal or business information, whereas a ransomware attack (that can be delivered through a phishing communication such as an email) aims to extract a ransom from a victim by locking their files and demanding payment for a key to regain access.
Phishing messages often direct victims to fake websites – that may include branding and information copied from legitimate websites to appear authentic to enter their details.
How do you limit the risk to your business – including your people – of being compromised by a phishing attack? The answer is a combination of education, awareness, technologies and processes. The Australian Government’s Stay Smart Online website includes a list of steps your people and your business can take to minimise the risk presented by phishing. These include advising your people to avoid clicking on links or opening attachments in unexpected or suspicious emails and contacting senders to verify concerning emails, using details sourced from a legitimate website or location. Your business should also install and update spam filters and other anti-malware products to help minimise risk.
Firstwave’s Cloud Email Security product provides advanced, feature-rich and configurable cloud email security services for businesses – powered by its cloud email content security and analytics platform technology. If you would like to learn more, please contact firstname.lastname@example.org.