Many say that the first recorded cybercrime took place in 1988, when Robert Tappan Morris, a 20-something graduate student at Cornell, wrote a program that would travel from one computer to another and ask each machine to send a signal back to a control server. Morris’ intentions were not malicious. He just wanted to know how big the internet was, but the program inadvertently clogged up large sections of the internet. His program became the first of a particular type of cyber-attack called “distributed denial of service,” or DDoS, which involves multiple connected online devices being used to overwhelm a target with so much traffic that either the system shuts down or its network connections are completely blocked.
Morris’ program, known to history as the “Morris worm,” was actually not the first. The history of cyber-attacks goes further back to the time when there was no internet. In the 1830s, two brothers, François and Joseph Blanc, manipulated a large data network based on optical telegraphy called the semaphore in order to steal financial market information. They were actually brought to trial in 1837, but they were not convicted as there was no law expressly forbidding such a use of the telegraph system. Morris, on the other hand, was sentenced to three years of probation, 400 hours of community service, and a roughly US$10,000 fine for his recklessness, making him the first person to be successfully charged under the Computer Fraud and Abuse Act.
A disheartening reality
Morris’ worm set the stage for modern cybersecurity challenges. But today’s internet is much larger than the internet of 1988, and cyber threats have grown in both number and severity. Australia alone has had several high-profile cyber security attacks in the past couple of weeks…
- August 2022 – Australian Federal Police (AFP) secret agents, operation details, phone tap recordings, and payroll data for Colombian officers exposed in a massive Colombian government database leak.
- September 2022 – Australian telecommunications giant Optus became a victim of a massive cyberattack that compromised the personal information (including date of birth, contact details, driver’s licence and passport numbers) of up to 10 million customers.
- October 2022 – Nearly two weeks after Optus reported a data breach exposure, Australia’s largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party
- October 2022 – A ransomware attack against Medibank allegedly compromised 200GB of data (first names and surnames, birthdates, addresses, Medicare and policy numbers, credit card details, etc.).
Ranking among Australia’s biggest data breaches, these consecutive incidents are drawing a lot of media attention, and government bodies are being called upon to fast-track the proposed cyber law reforms and make cybersecurity a priority.
According to research by Imperva, a large increase in attacks targeting Australian sites has been detected over the last year. Financial, retail, and business sites attracted the most attacks for a variety of reasons, including theft of customer databases and data scraping for competitive purposes, as well as the fact that some small businesses may not have the same sophisticated cyber security tools as larger organisations. Moreover, all attacks increased by 81% from July 2021 to June 2022, and critical incidents increased by 230% between August 2021 and May 2022. The research report also showed the top three most common risks faced by Australian organisations: automated threats, remote code execution (RCE), and remote file inclusion (RFI).
So why is Australia being targeted by sophisticated cyber-attacks? Do Australian organisations, including all levels of government, health care, education, and essential service providers, have the most vulnerable critical infrastructure?
According to the Global Wealth Report 2022, a recently released study of wealth per country done by the Credit Suisse Research Institute (CSRI), Australia is the wealthiest country in the world when it comes to wealth per adult.
Profitable targets, the shift to remote working and learning from home, and the migration of applications and data online, combined with lax or rushed cybersecurity protocols, can all contribute to an ideal environment for cyber criminals to launch new attacks.
What you can do
Australia is becoming an increasingly lucrative target for cyber criminals, and this calls for robust cyber security measures to mitigate cyber threats. The Australian Cyber Security Centre (ACSC) received one cybercrime report every eight minutes in 2020–21.
The truth of the matter is that cybersecurity has become a crucial issue on both a societal and a personal level. Cyber criminals don’t just target businesses and government institutions. Every individual and every business, no matter how large or small, is a potential target of a cyber-attack. Your financial and personal information is valuable and may be used by cybercriminals seeking financial advantage. This makes cyber security a collective community endeavor, and it is our shared responsibility to hold each other responsible for protecting our data and maintaining our privacy.
Protecting yourself and your business’ key assets with tools and software is essential. Equally crucial are efforts to spread knowledge of this critical issue and to inspire businesses, organisations, and people to adopt cyber-safe behaviors.
In this article, we’ll learn easy and practical tips to protect yourself online by going back to The Basics of Cyber Hygiene and the strategies to protect your business by adopting The Essential Eight Maturity Model.
First things first…
What is Cyber Hygiene?
Cyber hygiene, or cybersecurity hygiene, is a set of practices organisations and individuals perform regularly to maintain the health and security of users, devices, networks, and data.
Why is Cyber Hygiene important?
Maintaining good cyber hygiene protects individuals and businesses by keeping sensitive data safe and secure, preventing malware and other attacks from breaching networks and devices, and reducing the risk of data loss and operational disruptions. Poor cyber hygiene can lead to data breaches that result in financial loss, operational downtime, damage to reputation, loss of consumer trust, lawsuits, and even government fines.
What is a Data Breach?
A data breach, or data spill, is a security incident in which personal, confidential, or otherwise protected information is accessed, through accidental or deliberate intrusion, without the knowledge or authorisation of the system’s owner. Data breaches can be committed by an unauthorised person.
What is Cybercrime?
Cybercrime is any criminal or illegal activity that involves a computer, networked device, or other forms of information communication technology perpetrated by individuals, groups, businesses, and nation-states for different motives. Cybercrime may include data breaches, credit card theft, identity theft, internet fraud, phishing, electronic bullying and stalking, software piracy, network intrusions, internet pornography, cyberterrorism, cyberextortion, cryptojacking, and hacking for fun.
What is a Cyber Attack?
A cyber-attack is an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks. Cybercriminals use different methods to launch cyber-attacks that include malware, ransomware, phishing, man-in-the-middle (MitM) attacks, Denial of Service (DoS) attacks, Zero-Day Exploits, SQL Injection, DNS Tunneling, or other methods.
Why do cyber-attacks happen?
Cyber criminals want an individual’s personal data, a business’ financial details, client lists or customer databases, intellectual property, or IT infrastructure for various reasons beyond financial gain, such as making a social or political point, espionage, or intellectual challenge.
What is a Cyber Risk?
Cyber risks are the potential damage or devastating outcomes that result from cyber-attacks and cyber threats that can exploit the vulnerabilities or weaknesses that exist within your IT environment.
Why are Cyber Risks a big deal for every business?
We have mentioned the outcomes of poor cyber hygiene. All these possible outcomes are threats that pose risks to your business: financial loss, operational downtime, damage to reputation, loss of consumer trust, lawsuits, and even government fines.
What is Cybersecurity?
Cybersecurity is a set of processes, technology solutions, and procedures that help protect and defend critical systems, servers, networks, and data from cyber-attacks.
Why is Cybersecurity important?
Cybersecurity safeguards all types of data against theft and loss. Its aim is to reduce the risk of cyber-attacks and protect against the unauthorised exploitation of systems, networks, and technologies. You and your organisation cannot defend against data breach attacks unless you have a cybersecurity program in place.
Steps to Protect Yourself and your Business from Cyber Threats
1. Enhance Cyber Hygiene
Poor or ineffective cyber hygiene increases an organisation’s exposure to cyber losses. Here’s what you can do to protect yourself and maintain security while working online. Don’t forget to share them with your colleagues.
The Basics of Cyber Hygiene
- Implement multi-factor authentication (MFA) on your accounts (e.g. a confirmation text message, a code from an authentication app, face or fingerprint verification, or a security key). Here’s a step-by-step guide on how to set up MFA.
- Turn on automatic updates on all your devices (such as mobile phones, tablets, and laptops), apps, and operating systems. Here’s how to keep your devices up to date.
- Back up your data regularly to the cloud, backup software, or an external hard drive. How often to back up is decided case by case, depending on how frequently the data changes. Here’s a step-by-step guide to help you back up your data.
- Use strong and unique passwords and change them regularly. Never reuse the same passwords across multiple apps. Use a reputable password management solution to manage, generate, and store unique passwords.
- Think before you click. More than 90% of successful cyber-attacks start with a phishing email. So if in doubt, double-check by reaching out to the company’s official website, or their app if they have one.
- Be mindful of what you share on social media. Limit, or if possible avoid, giving out your identifying information online, like your birth date, home address, license plate, and financial information, and never share your friends’ or family members’ personal information without their permission.
2. Prioritise investments in cybersecurity.
As technologies advance, so do cyber threats. Emerging technological advancements have opened new possibilities where customers can store, share, and access everything online and through the cloud. This is also another opportunity for cyber criminals to access and exploit your personal data, which is why cybersecurity should be of utmost importance in every organisation. Investors and customers need to ensure the integrity and confidentiality of their data against potential threats. Whether you’re a small or large company, a cyber-attack can affect you badly. With cybersecurity tools and services in place, you keep your business safe from unexpected cybersecurity incidents and prevent malicious actors from exploiting your system.
3. Invest in employee training.
There’s a human element to many cyber incidents that result in data breaches. That’s why conducting regular cyber security awareness training is important not only for new employees but also for regular employees. Employees need to know how to identify a “phishy” looking email and what to do about it. Keeping your team abreast of what’s out there and what to do about it is your first line of defense against external threats.
4. Prepare a security risk management plan.
Your IT team and cybersecurity risk management professionals each have distinct skill sets and perspectives. It’s no longer enough to use software and tools to prevent cyber-attacks. To mitigate cybersecurity risk, you need a cybersecurity risk assessment to map out the entire threat environment, assess the risks to your business’ information assets, identify the procedures and technologies that can help mitigate the risks identified, and evaluate how effective those methods are at reducing their impact or preventing incidents in the future. Part of developing a unique cyber risk management strategy is investing in cybersecurity awareness training, as well as implementing the good cyber hygiene practices discussed earlier.
5. Implement the Essential Eight Maturity Model
The ACSC has developed prioritised mitigation strategies to help organisations protect themselves against various cyber threats. The Essential Eight Maturity Model is the baseline strategy designed to help organisations determine the maturity of their cybersecurity approach and implement the Essential Eight in a sequential manner.
- Maturity Level Zero: Not aligned with the intent of the mitigation strategy
- Maturity Level One: Partly aligned with the intent of the mitigation strategy
- Maturity Level Two: Mostly aligned with the intent of the mitigation strategy
- Maturity Level Three: Fully aligned with the intent of the mitigation strategy
The Essential Eight Maturity Model
- Application control to prevent execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
- Patch applications (e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers). Patch/mitigate computers with ‘extreme risk’ security vulnerabilities within 48 hours. Use the latest version of applications.
- Configure Microsoft Office macro settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
- User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
- Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
- Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ security vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
- Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
- Regular backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
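Several thresholds in this list (the 48-hour window for ‘extreme risk’ patches, disconnected backups retained for three months, and restore tests at least annually) lend themselves to an automated check. The Python audit below is an added example, not ACSC or Azentro code; the inventory format, host names and vulnerability ids are constructed, and three months is taken as 90 days.

```python
from datetime import datetime, timedelta

# Thresholds taken from the Essential Eight list above.
PATCH_SLA = timedelta(hours=48)             # 'extreme risk' vulnerabilities
MIN_RETENTION_DAYS = 90                     # "three months", taken as 90 days (assumption)
RESTORE_TEST_MAX_AGE = timedelta(days=365)  # restoration tested annually


def audit(hosts, now):
    """Return a sorted list of (host, finding) for every failed check."""
    findings = []
    for host in hosts:
        name = host["name"]
        for vuln in host["vulns"]:
            if vuln["risk"] != "extreme":
                continue
            # Still-open vulnerabilities are aged against 'now'.
            closed = vuln["patched"] or now
            if closed - vuln["found"] > PATCH_SLA:
                state = "late" if vuln["patched"] else "open"
                findings.append((name, f"{vuln['id']}: {state} past 48h"))
        backup = host.get("backup")
        if backup is None:
            findings.append((name, "backup: none configured"))
            continue
        if not backup["offline"]:
            findings.append((name, "backup: not stored disconnected"))
        if backup["retention_days"] < MIN_RETENTION_DAYS:
            findings.append((name, "backup: retention under three months"))
        tested = backup["last_restore_test"]
        if tested is None or now - tested > RESTORE_TEST_MAX_AGE:
            findings.append((name, "backup: restore test overdue"))
    return sorted(findings)


# Constructed sample inventory (hypothetical hosts and vulnerability ids).
NOW = datetime(2022, 11, 1, 9, 0)
ago = lambda **kw: NOW - timedelta(**kw)
HOSTS = [
    {"name": "mail01",
     "vulns": [{"id": "VULN-A", "risk": "extreme", "found": ago(hours=30), "patched": None},
               {"id": "VULN-B", "risk": "extreme", "found": ago(days=10), "patched": ago(days=7)}],
     "backup": {"offline": True, "retention_days": 120, "last_restore_test": ago(days=400)}},
    {"name": "web02",
     "vulns": [{"id": "VULN-C", "risk": "extreme", "found": ago(hours=72), "patched": None},
               {"id": "VULN-D", "risk": "moderate", "found": ago(days=30), "patched": None}],
     "backup": {"offline": False, "retention_days": 30, "last_restore_test": None}},
]
```

Calling `audit(HOSTS, NOW)` reports a vulnerability that was patched, but later than 48 hours, as well as one that is still open, so the check measures the patch window rather than just current state.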
The Bottom Line
October was Cyber Security Awareness Month in Australia, but still, it’s important to be cyber smart all year long. At Azentro, we believe that cyber security is a global priority and prevention is better than cure, especially when it comes to preventing cyber-attacks.
Just because you haven’t experienced a cyber-attack yet doesn’t mean you’re safe online. Just because you have VPNs or your anti-virus software programs are up-to-date doesn’t mean you’re not a target. Remember that any person, and a business of any size, is a potential target for cybercriminals. No one is too small, too young, or too old to be a cybercrime victim. So, with cybercrime on the rise and evolving all the time, how do you protect yourself and your business?
Let’s keep your business safe
Indeed, prevention is better than cure, especially when it comes to preventing cyber-attacks. Our world is becoming increasingly complex and interconnected, and we all have the responsibility to not only protect our personal data but also to keep cyber safety top of mind.
What data security challenges does your business face today? There are ways in which you can protect your data from phishing and malware attacks by following the right measures. Even simple precautions can help safeguard your devices and data against cyber-attacks.
Azentro specialises in providing comprehensive cyber security services, from password management to data loss prevention and security awareness training. We will give you the peace of mind your business needs for productivity and growth. Learn how we can assist you in identifying, assessing, mitigating, and monitoring cyber risks in your environment.
Get in touch with one of our cybersecurity experts today! Let’s keep your business safe.