It used to be a business needed a lock on its door and a CCTV camera to protect against criminals, now experts say they need to invest in security they cannot see. The humble keyboard has been used to wreak havoc on a handful of organisations recently and cyber experts are warning the number of victims will continue to rise.
Just this weekend Prime Minister Scott Morrison announced details of the ongoing cyber-attacks
“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used,” Mr Morrison told reporters in Canberra.
Defence Minister Linda Reynolds said there is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication in Australia.
As the name suggests, attackers steal data and lock it up so victims cannot access it, or attackers prevent a person from using a computer unless they pay a ransom. Tom Uren, a cyber expert at the Australian Strategic Policy Institute, said attacks using ransomware are happening more often and businesses needed to beef up their security. Criminals are becoming more sophisticated with hacking into systems and cyber experts have long called for business owners to turn their focus to online safeguards.
“The way these gangs operate is they try and price it so it’s cheaper to pay the ransom than it is to try and fix things.”
The Australian Cyber Security Centre (ACSC) and the Department of Home Affairs have published a detailed technical advisory which is available at this link >>>> https://www.cyber.gov.au/news/safeguarding-australias-critical-infrastructure-from-cyber-attack
In Australia several incidents have occurred in the last few months:
- Courier company Toll Group has confirmed it has fallen victim to a ransomware cyber-attack that has forced it to shut down online systems and manually process parcels. Toll declined to give further details about the ramifications of the breach, but it is understood major Toll facilities, including the Banksmeadow and IPEC Bungarribee depots in Sydney were offline and running manually. While the company did not disclose details of the attack, sources have suggested it was targeted at Toll’s managed service provider (MSP) Infosys.
- A major cyber-security breach at Service NSW sparked by a staff member opening an email phishing scam is under investigation. The malicious attack illegally accessed the emails of 47 staff members.
- Australian-listed BlueScope confirmed it was the victim of a cyber incident. BlueScope said its Australian manufacturing and sales operations were impacted by the incident, which caused the pausing of “some” processes. The company said other processes, including steel despatches, continued to operate despite the incident through some manual processes and workarounds.
- Australian brewery Lion was forced to suspend production, threatening the flow of beer across the continent-country, after a cyber-attack struck down its IT systems. Lion brews southern hemisphere brands including Speights, Steinlager, Lion Red and Brown as well as the international brands Guinness, Becks, Corona and Budweiser. Brewery staff had fallen back to manual processes for shipping orders to customers. While it was “able to continue to brew beer safely”, the attack “has impacted crucial aspects of the brewing process”.
The hospitality and gaming industry has already been a target internationally due to the large databases of personal information held by these businesses. Major data breaches in 2020 alone include:
- MGM Casinos recently disclosed that it was the victim of a data breach caused by “unauthorised access” to a cloud computing server that stored guests phone numbers, addresses and other personal data, claiming that the breach had resulted in stolen data from over 10 million guests being published recently on an online forum.
- Marriott says personal information for at least 5.2 million guests could have been accessed by unauthorised people at two of its hotels for more than a month earlier this year. The accessible information included full names, email and postal addresses, phone numbers, account numbers and points balance, birthday, gender, and any linked loyalty affiliations, like with airlines.
- Slot machines in two Las Vegas casinos were out of action for almost a week in an incident that bears all the hallmarks of a ransomware attack. Four Queens Hotel and Casino and Binion’s Casino in downtown Las Vegas are open for business but for several days were only able to trade in cash, while startling videos of rows of crippled slot machines on empty casino floors swept across Twitter.
Secom Technology – specialist security solutions to protect clubs and hotels
The current state of IT security is that attackers are now so sophisticated that they will find and exploit any minor security holes in your IT system. If you thoroughly check and remove these security holes, then attackers and their bots will find no way to access your system, and they will simply move on to the next domain.
Secom Tech provide security audits for businesses to identify some of these security holes in your system, and then discuss with you the risks and solutions to enhance your security including:
- Specialised crypto-ransomware prevention technology: to protect your hard drive
- Spear-phishing detection: to prevent targeted email breaches
- Intrusion detection: to detect if a breach has occurred
- Web filtering: to block or monitor inappropriate web activity by employees
- Firewall: to block unwanted web traffic
- VPN: to connect to the internet more securely
- Spam filtration: to block malicious and unwanted mail
- Antivirus: to protect your network from malicious code
To find out more about how Secom Technology can help protect your venue data click here>>> http://secomtech.com.au/services/system-wide-security/
If you would like more information on system security call:
Secom/Sint – Phone: 1300 781 224