How COVID-19 triggered a spike in cybercrimes in Australia

Highlights

• Any attempt to gain unauthorised access to a computer, computing system or network to harm or cause damage is known as cyberattack
• During 2020-21, the ACSC received more than 67,500 cybercrime reports
• Cybercrimes mostly attacked the health and social sectors and the number of reports doubled in 2021 compared to 2020

A cyberattack refers to any attempt made to gain unauthorised access to a computer, computing system or network with an intention to harm or cause damage. A cyberattack can have many objectives, including financial gain, disruption, and revenge.

Healthcare organisations are becoming increasingly vulnerable to online attacks posing a huge threat to regular work and confidential patient data.

Hospitals store a vast amount of confidential patient data, which is a huge money-making route for hackers. Medical devices are also an easy entry point for hackers as they lack the security found on other network devices. Further, hospitals use many interconnected devices, making it difficult to stay on top of security.

Related read: How cybercrime cases increased post pandemic?

Image source: © 2022 Kalkine Media®

Cybercrimes fuelled by COVID-19 pandemic

The COVID-19 pandemic led to many people and organisations working remotely in the 2020-21 financial year, increasing their dependence on the internet. The dependence created more opportunities for malicious cyber actors to exploit vulnerable targets in Australia.

During that year, the Australian Cyber Security Centre (ACSC) received more than 67,500 cybercrime reports. This indicates an increment of 13% from the previous financial year. Almost every sector, including government agencies, critical infrastructure providers, large organisations, small-to-medium enterprises, and individuals were targeted over the reporting period.

In 2020-21, the healthcare sector was a significant target of cyberattacks. A common instance during those times was spear-phishing emails. It was generally linked with COVID-19 related topics, encouraging recipients to enter personal credentials for access to COVID-related information or services.

According to Security Brief Australia, the health and social sectors were most attacked by cybercrimes, and the number of reports doubled in 2021 compared to 2020. The industry is still the most attacked in the nation, as per a new study.

The attacks included ransomware attacks and supply chain attacks. In ransomware attacks, healthcare systems were disabled until a sum was paid, whereas in supply chain attacks, attackers avoided traditional security controls and tried to get to the heart of critical systems.

Related read: Three ASX cybersecurity stocks in focus - FZO, TNT, SOV

Cybercrimes in Australia: By the numbers

To sum up, following are the key points observed by the ACSC in 2020-21

• Over AU$33 billion self-reported losses from cybercrime
• Nearly a quarter of cyber security incidents affected Australia’s critical infrastructure
• Nearly four cybercrime reports per day were related to the coronavirus pandemic
• Over 75% of pandemic-related cybercrime reports involved Australians losing money or personal information

Related read: What about the Cyber Security bill is ailing private hospitals?