2019 was an eventful year in the Australian cyber security landscape. The security industry saw an increase in government and private industry collaborations, with the 2020 security strategy announced. There was also a large number of alarming security breaches and incidents across industries and government agencies, which emphasised the importance of investing in cyber security.
New standards were introduced for APRA-regulated industries with the introduction of Prudential Standard CPS 234 on the 1st of July. This new standard aims to provide stricter reporting requirements around security incidents, ensure consistent maintenance of information security frameworks and, overall, assist with bolstering security resilience.
According to a report by Trend Micro, a 77 percent surge in ransomware attacks was reported during the first half of 2019, with researchers identifying WannaCry as the most common type of ransomware. According to new security research conducted by Datto, Australia and New Zealand’s small-to-medium sized enterprises now hold the highest rate of reported ransomware attacks globally. 91 percent of subject matter experts have reported an attack in the last two years compared to a global average of 85 percent. The Victorian healthcare industry was severely disrupted by ransomware attacks with major regional hospitals and medical centres being hit and surgeries delayed as a consequence.
Some shocking data breaches occurred during 2019, with millions of people in Australia having their information leaked publicly. Notable breaches include the ‘Collection #1’ breach, featuring 772 million records from multiple, different sources. Others included breaches from the Australian National University, PayID, My Health Record, Puma, Canva and Symantec, just to name a few. Between April 1st and June 30th alone there were 245 notifications of breaches under the notifiable data breach scheme, with 62% being malicious or criminal attacks. A significant portion of 34% was also attributed to human error.
The most common industries reporting breaches are:
- Health Service Providers
- Legal, accounting and management services
The majority of the most commonly reported malware has been evolutions of old malware or has exploited old vulnerabilities. As a response to the dramatic shifts and exponential changes in Australia’s security landscape, the Australian Government reached out to private industry and government agencies for input into the new strategy. The full report is now available.
A lack of information sharing and collaboration in Australia’s private cyber security industry has been a well-known problem for a while now. Cyber criminals are consistently working together and sharing knowledge to conduct their criminal activity, so it only makes sense that the good guys work together too. With the announcement of CyberCX, Australia’s top industry leaders have joined forces under one company to ensure Australian organisations are supported by industry experts to protect themselves against cyber criminals.
Moving further into 2020, Alcorn Group’s subject matter experts expect to see:
- Data breaches caused by publicly storing information or poor password management will decline as more cloud and service providers implement security technology, processes and procedures.
- Ransomware will continue to escalate as one of the most common cyber security threats to organisations. Ransomware attacks will most likely mature and become more agonising for the victims as they move away from targeting specific workstations and immediately encrypting. Ransomware attacks may become more sophisticated, with compromises occurring on a network, then the attacker pivoting to take over domain admin accounts and then systematically placing ransomware on the affected hosts. Targeting of backups and backup locations in ransomware attacks will also increase, making it harder to ensure that attackers can be removed from the network.
- More IoT vulnerabilities will be found and exploited. Ongoing concerns and discussions around IoT are expected to escalate with an increase in internet-connected devices in home and business use cases.
- More businesses will turn to potentially insecure automation and industrial control systems as they look for smarter devices to provide data and metrics.
- An increase in attacks targeting Managed Service Providers (MSPs), with attackers going on to target the MSPs’ customers.