Australian workplaces scrambling to switch operations remotely amid the COVID-19 pandemic are “creating the perfect system” for hackers, according to leading cyber experts.
SECMON1 incident response director Chris McNaughton told NCA NewsWire there had been “big increases” in data breaches and cyber ransom attacks since March.
“We’re seeing organisations rushing to allow users to work remotely but failing to add an overlay of security at the same time,” he said.
“Workers need access to data and they’re accessing that via all sorts of share points. Employers are saving Dropbox files on their own computers or sending them to their own Gmail accounts, creating all sorts of vulnerabilities and security issues, and it is something we’ll see exist moving forward.”
Mr McNaughton said companies using Microsoft Office had suffered a big increase in cyber attacks.
“Hackers are getting in and taking over mail accounts – one of the worst scenarios was when attackers went in and took ownership of a whole company’s Microsoft Office environment for a few months, costing them $420,000.”
Mr McNaughton also said employees would be behind the cyber breaches in 68 per cent of cases.
“Senior staff have access to, and may steal, restricted company information; developers steal snippets or large amounts of code; we have also had many cases where call centre operators steal sensitive customer information to take over the customer’s identity to commit fraud,” he said.
“The key is to be proactive about detecting these damaging events and to build a culture in your organisation where this type of activity is not OK.
“The solution is to either proactively monitor for the activity or conduct targeted audits against high-risk individuals, such as executives.”
One of Australia’s biggest beer producers, Lion, was asked for a $1 million ransom to save its confidential data from being posted online in June.
In May, logistics giant Toll Group suffered its second major cyber attack this year, revealing its internal and customer-facing systems had been infected by a new form of ransomware.
And in the latest incident, an Australian aged-care operator confirmed this week that personal data had been released publicly by an “overseas third party”.
Security InDepth Australia chief executive Michael Connory said there had been a 120 per cent rise in cyber attacks in June alone and the healthcare sector had suffered particularly.
“The health sector has aged support staff, and there are many priorities such as funding, medical equipment, patient care, and IT security comes at the bottom of the list,” he said.
“There are significant risks with patient records being released, and in cases where that’s a real threat, there’s no guarantee the hackers won’t release them even if paid a ransom.
“Remote working has created the perfect system for hackers where workplaces have taken their security networks home, almost removing those security safeguards.”