An organisation has a CCTV camera and lock on the door to safeguard the business from criminals, but what about the security of what they cannot see? An investment is required to have a shield on an integral part of the organisation, popularly known as data.
The paradigm shift to digitalisation is creating a humongous amount of data, thereby increasing the threat, and leaving businesses vulnerable to cyberattacks.
An organisation might think- can there be a cyberattack on my business? When? How? Well, it does not matter as to what is the size or nature of the business or when it can get attacked. Everyone is at risk, and organisations need to be well prepared to take on oncoming cyberattacks. It is worth mentioning that cyberattacks fall under a broad umbrella, wherein there is inequality amongst the cyberattacks. Today attacks are evolving in terms of sophistication and hampering the organisations and individuals in terms of damage in reputation, financial losses, and productivity.
The current COVID-19 crisis has added a flower in the garden of cyber incidents. The pandemic has captured all the eyes on it and changed the strategic view across the globe. All eyes are gazing this pandemic, and cyberattackers are using this economic turmoil as a mask to target organisations. With the surge in cyberattacks, organisations need to boost their security.
From the stealing of bank accounts and accessibility to sensitive information, cybercrime attackers are capitalising on the COVID-19 pandemic and social isolation in new and demonic ways. They chase vulnerable people and organisations by using panic and dangerous ploy in the form of fake emails and texts that are sent across to organisations and individuals to decoy victims into revealing information, such as user accounts to corporate systems or personal information. Also, they are romping on COVID-19 related fears and desperation of individuals or organisations targeting stimulus payments and government aid.
In the wake of the current crisis, cybercriminals have unleashed an exotic stream of cyberattacks on numerous employees operating in vulnerable home environments. Employees are working from home with the spill of confidential files on their desktops connecting via home routers or VPNs to access the organisation’s network, which is giving a hard time to the organisations to spot the attacker.
Organisations were vulnerable to cyberattacks way before the outbreak of COVID-19, but many of the organisations did not report these breaches or did not have any idea what they are. Organisations or government agencies failed to act in response to these cyber incidents with poise and utmost urgency.
There is an upsurge in the number of cybercrimes, posing the threat of existence among variant sized organisations amid the coronavirus outbreak.
A cybercrime wave hit BlueScope Steel Limited (ASX: BSL), the Australian steel producer, during mid-May 2020. BlueScope confirmed via its official website that a cyberattack had affected its IT systems and caused disruptions in certain operational parts of the company.
Minor disruptions were caused in the company’s Asian, North Star and New Zealand businesses. However, these businesses are continuing broadly unaffected by these disruptions.
It is yet to outline how BSL was attacked and what was the type or source of the cyber incident. As per the company’s official statement, sales and manufacturing operations had been impacted in Australia.
In response to this attack, some of the processes had been put on halt. In contrast, few operations continued such as steel despatches along with some manual processes and workarounds.
BSL, the oldest steel manufacturer in Australia, has a customer base and operations across regions or countries such as North America, Australia, Asia, and New Zealand. Hence, any degree of a cyber incident can hobble its global operations.
Tania Archibald, Chief Financial Officer, BlueScope, stated that the detection of the cyber incident happened in one of the BSL’s US businesses, and prompt response to the event was taken. Also, in the affected businesses, the company reverted to operations manually until the assessment of the impact and remedies required to restore normal working of the businesses quickly.
Ms Archibald added that the company had deployed internal people, along with assistance from external providers to work on this severe event to restore and protect its systems.
BlueScope is Not Alone; Toll Group and Services NSW Followed the Attack Trail
Service NSW was another victim of cyberattack targeted by a phishing campaign. This attack is one of the known methods of cyberattacks, and it has evolved over the years. This attack can longer be detected by relying solely on personnel, as it requires technological measures.
Service NSW is an agency that operates government services and transactions related to public transport, births, deaths, marriages, housing, etc. The NSW Police was notified regarding the phishing attack on 22 April 2020, which compromised information held within staff emails and resulted in the illegal access of the email accounts of 47 Service NSW staff members. This breach by the cyberattack on the customer service department had put in sensitive information of citizens at risk, causing the use of such personal information for abominable purposes by the hackers.
CEO Damon Rees, Service NSW, said that their cybersecurity teams had interrupted the attack, and the impact on customers and services was curbed. Also, the criminal access was limited to the transactions that happened via phone or over the counter at a Service NSW Centre. He also apologised for not successfully protecting its customers against this cyberattack.
The state government agency deep dived into the email accounts by engaging forensic specialists to identify whether any personal information has been accessed over the attack.
Service NSW has advised the reset of all passwords and pins while scrutinising current accounts for unwarranted activity or transactions to those who have been in touch with Service NSW staff and have experienced mistrustful activity online.
Australia’s logistics giant, Toll Group, was hit in February 2020 by a Mailto ransomware attack. This attack compromised around 1k systems while impacting local and global deliveries. And, the second wave of a cyberattack hit the company in May 2020.
The group closed its systems after the detection of suspicious activity on the IT systems. On 5 May 2020, Toll confirmed a ransomware attack known as Nefilim. However, the group made sure to restore its services while prioritising the most urgent deliveries amid COVID-19 and maintaining regular contact with the Australian Cyber Security Centre (ACSC) for the process of investigation and recovery.
At least one specific corporate server was accessed, which had details related to past and present employees along with commercial agreement details with its former and current enterprise clients.
The attacker is known to have published this stolen data to the dark web after the download of data from the server whose specific nature of information is unknown. Therefore, Toll is now fastening the process of accessibility and verification of the nature of the published stolen data. And, post this assessment, the impacted individuals will be notified and offered support.
Today more action is needed. The organisations and government agencies need to figure out why they are more exposed. They need to make sure that they brush up on national security policies and determine how to knock together a more cyber-resilient organisation and nation.
There is no investor left unperturbed with the ongoing trade conflicts between US-China and the devastating bushfire in Australia.
Are you wondering if the year 2020 might not have taken the right start? Dividend stocks could be the answer to that question.
As interest rates in Australia are already at record low levels, find out which dividend stocks are viewed as the most attractive investment opportunity in the current scenario in our report.