• You are here:
  • Home »
  • Author's Archive:

All posts by domaindigital

Tips for working from home

Here are a number of suggestions for PC users. Some of the applications will be different when using a Mac but the concepts are the same across platforms.

1. Setup Your Workstation

a. Confirm the environment – Checklist Below
b. Lighting for improved video – Tabletop lighting kit
c. Noise cancelling Headset – Plantronics Voyager 8200
d. Ensure you have multiple screens – at least two

2. Leverage your O365 collaboration suite

Your O365 suite can be installed on almost any device so it can follow you where ever you go. PC, Mac, iPhone and Android – Business license options provide 5 x installs so you can have it on every device you own.

Microsoft Outlook

Use Microsoft Outlook to Email and also to schedule your day. Remember you can use templates to send standard information to people. Microsoft Teams meetings can be scheduled from inside Outlook as well.

Microsoft OneDrive

Use OneDrive to stage your personal documents before releasing them to the world. You can choose to share documents from OneDrive directly or move them to the correct location in SharePoint. Also handy for personal storage of data as it is not shared by default.

Microsoft OneNote

If you write notes on a piece of paper, you have to check out OneNote – it is a notebook on steroids. You can create lists to be checked off, insert photos and share it across your PC, phone and / or Mac computer. Anywhere you have a device, you also have access to your OneNote notebook. This is a must have & must use for senior managers and executives.

Microsoft SharePoint

SharePoint can be used to share with all people or a chosen few based on permissions. You can also leverage the power of search and workflow.

Microsoft Teams

Microsoft Teams allows you to Video, Screenshare, Chat, Store Documents and Collaborate. You can blur your background if you are in a busy environment (though sometimes pets or children provide entertainment for a team meeting). If things are a little jerky, turn off video and or consider using mobiles for voice if practical. Your Voyager 8200 will connect to a laptop and mobile phone simultaneously so choose which device whilst keeping your headset on. We recommend you try using plug in applications like Microsoft Whiteboard to draw and share explanatory diagrams or use the templates for collaborative problem analysis.

3. Fast feedback and extra tools

a. Screen shots – Snipping Tool (Included with Windows) – Right click and add it to your task bar
b. Screen recording / Video Editing – Snagit or Camtasia

4. Productivity and Safety

a. Ensure all remote computers are centrally monitored with
i. Antivirus
ii. Windows Patching
b. Anything that can have 2 Factor Authentication applied, must have it turned on
c. Everyone should use a password manager such as LastPass

Keeping your team connected

  • Every Wednesday at 9am, we run an EOS level 10 meeting. If you have not come across EOS from Gino Wickman, do yourself a favour and check it out. I don’t know anyone who follows the system that does not love it.
  • Whilst working remotely, we have a twice daily huddle at 10 am and 2:30pm. It is a scheduled 10 minute MS Teams video call to keep everyone connected. It is a little like a water cooler chat and it makes the world of difference to isolated individuals.
  • Create specific channels in your MS Teams chat to ensure everyone is kept up to date. Eg:
    • All Staff – To let everyone know what is happening.
    • Daily Huddle – Succinct update as to were people are at any given point in time.
    • Conference Update – There are always key learnings from a conference. Get people to post these important details and/ or, link a shared OneNote file for conferences to capture and share the IP.
    • Talkin’ Shite – Have a non business channel for silly stuff for the team to let off steam. Ensure the content is appropriate as one doesn’t want a HR issue. You know what works for your company. Remember that when a new person joins, they have access to all of the history as well. This is great for capturing IP. Less so for racist, sexist or straight up inappropriate comments.

      Base the channels on what is relevant for your organisation. Larger organisations may wish to break things down by department. Remember to KISS (Keep It Simple).

Super Important Note

There are a lot of IT variables when working from that would normally be controlled in a central location ie The Office. These include the Firewall, Internet connection, Wireless and most importantly, the computer which is used to work from home.

If using non IT controlled assets, there may be different software versions to cause compatibility issues, No patching updates to close out security risks, Unmanaged Anti-Virus products that may be ineffectual or even expired with no notification to resolve the issue.

All of these variables can cause additional issue. Our number one piece of advice around remote workers is to utilise centrally controlled IT assets to ensure your systems remain safe.

Remote and Flexible Working Agreement

You can download a sample agreement for modification as required by your company. The form can be deployed in a number of different ways including:

Cyber Threats – What are the common threat types?

The cyber threat to Australian individuals and organisations is undeniable, unrelenting and continues to grow.

You could be a target even if you don’t think the information held on your networks is valuable, or that your business would be of interest to cyber adversaries.

Many organisations are at risk purely because they are vulnerable through unpatched software or unaware staff members.

Common threats impacting Australians include

Malware

Malware is software that cyber criminals use to harm your computer system or network. Cyber criminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks.

Ransomware

Ransomware is a type of malware that denies access to files or computer systems until a ransom is paid.

Distributed denial of service

A distributed denial of service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic.

Unauthorised cryptomining

Cryptocurrency mining (cryptomining) software uses a system’s processing power to solve complex mathematical problems, in return for a type of digital currency.

Unauthorised cryptocurrency mining (also known as cryptojacking) is where a website or software on your computer does this cryptocurrency mining without your authorisation. It is now the most popular cyber attack method.

You could be a target even if you don’t think the information held on your networks is valuable, or that your business would be of interest to cyber adversaries.

Malicious insiders

Malicious insiders are people such as employees, former employees, contactors or business associates who have inside information on your computer system, data or security, and access it for their own purposes.

Identity theft

Identity theft is when a cybercriminal gains access to your personal information to steal money or gain other benefits.

Phishing

Phishing is a method of stealing confidential information by sending fraudulent messages to a victim. It is one of the most prevalent scams reported in Australia.

Email scams

Criminals use email to manipulate or trick you into unintentionally sharing personal information, financial details, or money.

Phone call scams

There are many ways scammers try to get your information or money over the phone. They will usually pretend to be from a well-known organisation, such as a government agency, a utilities provider, Australia Post, a bank or the police. They can be incredibly convincing.

Dating and romance scams

Scammers often approach their victims on legitimate dating websites before attempting to move the ‘relationship’ away from the safeguards that these sites put in place, for example, by communicating through other methods such as email, where they can more easily manipulate victims.

Unauthorised cryptocurrency mining (also known as cryptojacking) is where a website or software on your computer does this cryptocurrency mining without your authorisation. It is now the most popular cyber attack method.

Secondary Targeting

Secondary targeting is where cyber adversaries try to gain access to networks of companies that provide products or services (e.g. through outsourcing arrangements) as a means to get to their higher value customers.

Prevention

Prevention is far better than cure. Ensuring your network is configured and aligned in line with the Australian Government’s “essential 8” recommendations is the bare minimum required.

Utilising an external IT support company that specialises in cyber security is also a good idea. Domain Digital not only specialises in preventative measures and ongoing, proactive day to day support of your system, we also have a cyber security education and training platform that can assist you and your staff form ever being “caught out”. Simply visit www.domaindigital.com.au or call (08) 9441 6300 to find out more.

Technology Co-Sourcing Saving Tens of Thousands for WA Business

Technology Co-Sourcing is saving WA Businesses tens of thousands of dollars in labour costs.  The increase in outsourced IT has been driven by the needs of the business community to have a partner who understands the commercial and technical element of their specific IT infrastructure. Therefore, it is important that you choose the right partner to deliver your business needs.

What is Co-Sourcing?

Co-sourcing is the ability to not just have an outsourced IT company, but an internal IT resource, on site, in your offices, but can be any one of up to 8 different techs, depending on the needs of your business at any given time.

Rather than employing a single IT Manager for say, an annual wage of $120,000, or a level 1 tech for $60,000 annually, you could have a team of IT experts, from senior engineers with over 25 years experiences all the way to a team of level 1 technicians on call for you, for less than the cost of one employee. 8 for the price of one, just must be good for the company bottom line, doesn’t it?

Co-sourcing is the ability to not just have an outsourced IT company, but an internal IT resource, on site, in your offices, but can be any one of up to 8 different techs, depending on the needs of your business at any given time.

IT Managers need outsourced help too.

A lot of IT managers just simply don’t have enough hours in the day to do everything they want to do. This is not to say that by outsourcing IT you have to make the role of the IT Manager redundant, it is important to understand there can be a need for both in order to maximise time and resource. The IT Manager can work with an outsourced technology partner to develop strategy and to deliver commercial improvements for your business thus increasing productivity and efficiency.

The number one reason for not outsourcing IT is that companies believe they cannot afford to do so. With the rapid increase in Cyber Crime and with the constant changes in the tech world can you really afford not to?

A technology partner should be an investment and a way to improve the overall function of technology within your business, improving the efficiency of both the infrastructure and your employees. The decision you make on which partner you choose will define whether this is a cost to your business or a value.

Co-Source your IT with Domain Digital.

Have you considered a co-source arrangement? For less than the cost of on-boarding one new employee in your IT department, partnering with Domain Digital gives you access to an entire team of people with a wealth of experience and knowledge, all for you to utilise to improve your business. To find out more, call Damian on 0407 446 473 to arrange an obligation free discussion on how Domain Digital can add value to your business.

Business email compromise – a fast growing scam, how not to be a victim.

Cyber.gov.au recently advised that the Melbourne Joint Cyber Security Centre (JCSC) hosted a two-hour seminar yesterday on Business Email Compromises (BECs), which many cyber security experts consider to be the major current cybercrime threat to business.

The seminar provided information to small and medium business representatives, as these sectors are particularly targeted by cybercriminals who are perpetrating BECs.

The JCSC worked with Small Business Victoria, the Victorian Small Business Commissioner and the ACCC’s Consumer and Small Business Strategies Branch, to invite key Victorian business stakeholders to yesterday’s event.

Business Email Compromise (BEC) is an online scam where a cybercriminal impersonates another business representative to trick an employee, customer or vendor into transferring money or sensitive information to the scammer.

Around 90 representatives attended the session in Melbourne, with the event video-conferenced across the country including to regional Victoria and Hobart.

The session was presented by a panel of five industry and government cyber security experts including Alex Tilley, e-Crime Lead for the Counter Threat Unit at Secureworks.

‘When you realise 41% of Australian businesses have no cyber security governance, it isn’t surprising they’re being targeted so specifically by cybercriminals. Australian businesses need to act fast and take their cyber security as seriously as other commercial risks,’ Mr Tilley said.

The experts provided a comprehensive examination of what BECs are, why they are so harmful, who are perpetrating BECs, how they are evolving, how government helps businesses, and the actions businesses can take to prevent themselves from becoming victim.

What is Business Email Compromise?

Business Email Compromise (BEC) is an online scam where a cybercriminal impersonates another business representative to trick an employee, customer or vendor into transferring money or sensitive information to the scammer.

Because these scams don’t often use malicious links or attachments, they can get past anti-virus programs and spam filters. These emails can include invoices or fines that may include threats to cancel your service or charge an excessive penalty if you don’t pay immediately.

This type of attack, due to the low implementation cost and high returns, is quickly becoming one of the fastest growing online business scams.

In Australia business email compromise has resulted in more than $20 million in associated losses across 2016-17.

Criminals are constantly developing increasingly sophisticated BEC techniques that often include a combination of social engineering, email phishing, email spoofing and malware.

What we’re seeing

The ACSC is responsible for building cyber resilience across the whole of the economy by supporting governments, large corporate and small and medium business, academia, the not-for-profit sector and the Australian community.

This type of attack, due to the low implementation cost and high returns, is quickly becoming one of the fastest growing online business scams.

Over the past three months the Centre’s global monitoring team has been on hand to assist business owners who have been impacted.

The team has received dozens of BEC incidents, requests or notifications from individuals and affected organisations in the private, academic, government and critical infrastructure sectors.

A large portion of the enquiries came from the construction industry, in part due to the high percentage of transactions between builders and their suppliers.

One instance included the owner of a small cabinet-making business who received and paid an invoice for $40,000 from a local supplier whose email had been compromised. The phishing email used their supplier’s logos and branding to appear legitimate to the business owner, deceiving him into paying the full amount.

In another phone call a small construction supply company reported that one of their large construction clients received an email purporting to be from them, seeking to change their bank account details. The email had an invoice and email signature block that looked legitimate. Because the construction client confirmed the request with their supplier, no funds were lost.

The ACSC also noticed spikes in BEC attacks around tax time, most likely in an attempt to catch businesses off-guard during a busy point of the financial year.

How to protect and recover from a Business Email Compromise

The ACSC has developed comprehensive guidance to help organisations protect themselves from business email compromises.

Educating your staff, establishing a consistent business process for validating payment and information requests and protecting your network is vital to ensuring limited exposure to these types of scams.

Educating your staff, establishing a consistent business process for validating payment and information requests and protecting your network is vital to ensuring limited exposure to these types of scams.

Remember, if something doesn’t feel right, it probably isn’t. Encourage your staff to trust their instincts and check anything suspicious via a phone call or face-to-face. Organisations like Domain Digital have specific security training platforms that can not only test your staff to see if you have potential vulnerabilites, but then offer a training and education platform to ensure you’re as secure as possible.

For more information

Talk to us, we can advise and educate you and by taking a few simple steps to lock down your online security, together we can reverse the threat of cybercrime. Simply visit www.domaindigital.com.au or call (08) 6441 6300.

For more news and information relating to online threats and mitigation, visit Cyber.gov.au.

Ransomware (Malware) Costing Business Billions – How does it affect your Perth business?

According to Bella Wilkinson, Recruitment Insurance Broker at Gallagher’s, malware is the most predominant cybercrime threat in Australia, according to the Australian Cyber Security Centre (ACSC). And ransomware – a virulent type of malware – is a rising threat to businesses in Australia and abroad. But what is it? And how does it affect your business?

What is ransomware?

Ransomware is a type of malicious software (otherwise known as ‘malware’) that restricts people from accessing their computer or smartphone, or individual files stored on them. Attackers extort money from their targets by holding their device or data to ransom, often threatening to release or erase it to force payment.

Security vendor Symantec has seen an explosion in this type of malware across the globe, according to the latest Internet Security Threat Report 2016 (ISTR), and Australia is one of the most heavily affected regions. Symantec blocks an average of 250,000 potential ransomware-loading attachments every year in Australia alone, representing a 141 percent increase in attacks over the last year.

How can ransomware affect your business?

The services industry is the sector most affected by ransomware, accounting for 38 per cent of reported infections in the last year. Businesses in this sector, such recruitment agencies, handle high volumes of data and typically integrate with various internet services and applications that expose them to infections.

Recruitment agencies are particularly vulnerable to attacks. Downloading files like applications, CVs, portfolios and contracts is an essential and everyday function for a recruiter, but antivirus software may not always pick up on files that contain ransomware.

And what’s more, data (and the ability to access it) is the most important asset a recruitment agency has. You know that without it, you can’t process candidates or fill positions – and ransomware attackers know this too.

Ransomware is a type of malicious software (otherwise known as ‘malware’) that restricts people from accessing their computer or smartphone, or individual files stored on them. 

Calculating the cost of ransomware

As the threat of ransomware grows, so does the cost. In Australia:

  • Cybercrime has cost $1.2 billion in the past year;
  • An average 24,000 attacks occur each day, costing between $420-$700 per incident; and
  • 13.7 hours are lost per attack.

But a ransomware attack implications beyond the cost of the ransom itself. Businesses that experience a ransomware attack face:

  • Cost of replacing compromised devices
  • Loss of proprietary data
  • System downtime, which affects ability to operate
  • Reputational damage
  • Potential legal penalties arising from poor security or handling of data

Is your business prepared for ransomware?

Most businesses have an IT policy and a disaster recovery plan, but surprisingly few are adequately prepared to handle a ransomware attack. This is in part because they don’t understand the risks, and because ransomware threats evolve at a pace that antivirus software struggles to keep up with.

As a business owner/manager, ask yourself:

  • What would you do if you received a ransom demand? Would you turn to your Head of IT, the legal department, law enforcement, or someone else?
  • How would your business cope if it lost access to its data? Would you still be able to contact candidates and clients?
  • What would you do if an attacker threatened to release your database? What would happen if personal information about your staff and clients was released?

Having an executable plan for a ransomware attack is the key to minimising its impact on your business.

Recruitment agencies are particularly vulnerable to attacks. Downloading files like applications, CVs, portfolios and contracts is an essential and everyday function for a recruiter, but antivirus software may not always pick up on files that contain ransomware.

How to deal with a ransomware infection

If you experience a ransomware infection, you should follow these steps:

  • Isolate the infected computer. Disconnecting infected laptops, computers and smartphones help prevent the ransomware attacking other network drives.
  • Don’t pay the ransom. There’s no guarantee that an attacker will decrypt your files or restore access to your advice, and the ransom may be used to fund attacks against others. Explore your options first.
  • Explore your options. You can restore any damaged files from a backup and minimise the amount of time your system is down. As a rule, you should be backing up at least once a day. You can also attempt to decrypt your files, accept the loss of data and wipe your infected drives, or pay the ransom.

Are you prepared for a ransomware? Engaging a proactive IT support partner, like Domain Digital, can ensure you are as protected as possible and in the event of an attack, back up and running as quickly as possible with minimal data loss and system downtime. Visit www.domaindigital.com.auor call us on (08) 9441 6300 to find out how we can help protect you.

Hacking your holiday: How Perth travellers are being increasingly targeted by cyber criminals

Imagine if a hacker shut down the baggage handling system of one of the world’s busiest airports. Or took control of a fleet of autonomous delivery trucks and re-routed them to disrupt rush hour traffic in a major metropolis.

What if the hacker then demanded a ransom to unlock the digital networks they’d hijacked? Joe Burton of the University of Waikato wrote that according to the latest State of the Internet report from Akamai, one of the world’s largest providers of computer servers and networks, these scenarios aren’t fantasies of some distant dystopia. They are just around the corner.

Technology continues to evolve with advances in artificial intelligence, automation, biometrics and a rapidly expanding Internet of Things. With this comes an increasing and potentially catastrophic risk of malicious actors bringing digital infrastructure and the societal services that rely on it to a grinding halt.

Even if we’re not quite there yet, there are several worrying trends highlighted in the report that show what cyber security professionals are already confronting.

DDoS for hire

The first concern relates to an increasing frequency and volume of Distributed Denial of Service (DDoS) attacks — up 16% in the last year. These attacks bombard computers with huge amounts of data. They are used by malicious actors to disrupt and delay networks and make them unavailable to their users. The most famous DDoS attacks were against Estonia in 2007, shutting down banks, media organisations and government ministries.

Technology continues to evolve with advances in artificial intelligence, automation, biometrics and a rapidly expanding Internet of Things. With this comes an increasing and potentially catastrophic risk of malicious actors bringing digital infrastructure and the societal services that rely on it to a grinding halt.

Fast forward a decade and the volume of data harnessed in such attacks has increased exponentially. According to the Akamai report, the largest DDoS attack in history was recorded in February this year against a software development company. It involved a data flow of 1.35 terabytes (1,350 gigabytes) per second. The Southern Cross Cable connecting Australia and New Zealand’s internet has an estimated overall capacity of greater than 22 Tbps — due in large part to recent upgrades. Such a high-volume attack directed at a single choke point could have a big impact on transcontinental and national internet speeds.

Perhaps even more concerning is that DDoS technologies are being commercialised and sold to cyber criminals on “DDoS-for-hire” websites.

They’re also becoming more sophisticated. Previously seen as a fairly simple way of exploiting internet traffic, the latest DDoS attacks exhibit more novel ways of creating “botnets” (networks of compromised computers) to redirect data flows against a target. According to the Akamai report, attackers have been paying attention to mitigation efforts and changing the nature of their attacks as they unfold.

Hacking holidays

Cyber criminals will invariably look for the weakest links. This might be individuals who never update their passwords and use unidentified Wi-Fi networks without due diligence. Or it could be particular commercial sectors that are lagging behind in cyber security standards.

The Akamai report highlights that in the last year organised cyber criminals are increasingly targeting the tourism market. A staggering 3.9 billion malicious login attempts occurred during the last year against sites belonging to airlines, cruise lines, hotels, online travel, automotive rental and transport organisations.

Finding out who is responsible is a trickier problem. Evidence suggests that exploitation of hotel and travel sites is mostly emanating from Russia and China, and it’s possibly the work of organised cyber criminals targeting tourists for easy gain. But more work needs to be done to map cyber crime and understand the complex criminal networks that underpin it.

It’s not all doom and gloom

While the report warns of larger more destructive DDoS attacks before the end of 2018, it’s not all doom and gloom. The potential for cooperation is also evident.

In April 2018, the Dutch National High Tech Crime Unit and the UK National Crime Agency ran the appropriately named “Operation Power Off”. This targeted a DDoS-for-hire site that was responsible for somewhere between four and six million DDoS attacks over its lifetime. The successful operation led to arrests and likely criminal prosecutions.

These sorts of high level cyber crime collaborations are growing in frequency and strength. Our own national Computer Emergency Response Team (CERT) in New Zealand, for example, is working with its Australian counterpart — and CERTs all around the Asia Pacific region — to identify and counter cyber crime.

The New Zealand government is currently consulting on a “refreshed” national cyber security strategy, and new powers have been invested in the Australian Signals Directorate to combat, prevent and disrupt cybercrime committed outside of Australia. So, it appears Trans-Tasman responses to these problems are growing teeth too.

 To ensure your businesses cyber security is at the forefront of what’s available, contact Domain Digital on (08) 9441 6300 or simply visit www.domaindigital.com.au to find out how to ensure you’re as safe as possible.

Beware of Phishing after Cathay Pacific data theft – is your business more secure than they were?

Cyber.gov.au reported that scammers often take advantage of incidents to trick people into sharing personal or financial information.

Cathay Pacific Airways Limited announced in October of 2018 that there had been ‘unauthorised access’ to passenger data of approximately 9.4 million people, who were travellers with the company and its wholly owned subsidiary, Hong Kong Dragon Airlines Limited.

Although Cathay Pacific said it had no evidence that any personal information was misused, the airline is concerned about the subsequent phishing campaign for passenger information, which people may be tricked into responding to, regardless of whether their data was stolen.

Cathay Pacific Airways Limited announced in October of 2018 that there had been ‘unauthorised access’ to passenger data of approximately 9.4 million people, who were travellers with the company and its wholly owned subsidiary, Hong Kong Dragon Airlines Limited.

‘We are aware that attempted phishing is taking place, and would like to remind people that emails related to this data security event will only be sent from infosecurity@cathaypacific.com,’ Cathay Pacific said in an update on its website.

If you are concerned about an email you have received, Cathay Pacific recommended that you don’t click on any links, open any attachments or reply to it.

The airline is contacting affected passengers, has notified the Hong Kong Police and is notifying the relevant authorities.

So if you do receive an email about this data breach, avoid any phishing scams by checking that the ‘From address’ is infosecurity@cathaypacific.com. And remember that Cathay Pacific won’t ask you to provide any personal or financial information, or your password.

If you would like to ensure you don’t have the negative press, loss of data or that your staff are well educated on how to prevent Phishing attacks, call Domain Digital on (08) 9441 6300 and ask about our comprehensive Phishing and Cyber Security education and training platform.

Data Breaches Affecting Perth Businesses – What happens, what gets stolen, where does it go?

TrendMicro are one of the world leaders in antivirus supply and data security prevention. Trend has noted that though people have reached a seeming point of desensitisation to news citing a data breach, protecting user data has become increasingly important amid stricter regulation implementation.

Companies are no longer just required to announce that their systems have been breached but also pay fines that can reach up to 4 percent of their annual turnover should they deal with the data belonging to European Union (EU) citizens in accordance with the General Data Protection Regulation (GDPR) requirements.

Just this year, big names such as Equifax, British Airways, Cathay Pacific, Macy’s, Bloomingdale’s, and Reddit have joined the ever-growing list of breach victims. Compromised data is a subject that needs the public’s full attention.

Just this year, big names such as Equifax, British Airways, Cathay Pacific, Macy’s, Bloomingdale’s, and Reddit have joined the ever-growing list of breach victims. Compromised data is a subject that needs the public’s full attention.

Data breaches can result in the loss of millions, even billions, of private records and sensitive data, affecting not just the breached organisation, but also everyone whose personal information may have been stolen.

What is a data breach?

A data breach occurs when a cybercriminal successfully infiltrates a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files or by bypassing network security remotely. The latter is often the method used to target companies. The following are the steps usually involved in a typical a breach operation:

  1. Research: The cybercriminal looks for weaknesses in the company’s security (people, systems, or network).
  2. Attack: The cybercriminal makes initial contact using either a network or social attack.
  3. Network/Social attack: A network attack occurs when a cybercriminal uses infrastructure, system, and application weaknesses to infiltrate an organisation’s network. Social attacks involve tricking or baiting employees into giving access to the company’s network. An employee can be duped into giving his/her login credentials or may be fooled into opening a malicious attachment.
  4. Exfiltration: Once the cybercriminal gets into one computer, he/she can then attack the network and tunnel his/her way to confidential company data. Once the hacker extracts the data, the attack is considered successful.

Data breaches can result in the loss of millions, even billions, of private records and sensitive data, affecting not just the breached organisation, but also everyone whose personal information may have been stolen.

What are the biggest breaches to date?

The following table shows the 10 biggest breach incidents reported to date:

Company/Organization Number of Records Stolen Date of Breach
Yahoo 3 billion August 2013
Equifax 145.5 million July 2017
eBay 145 million May 2014
Heartland Payment Systems 134 million March 2008
Target 110 million December 2013
TJX Companies 94 million December 2006
JP Morgan & Chase 83 million (76 million households and 7 million small businesses) July 2014
Uber 57 million November 2017
U.S. Office of Personnel Management (OPM) 22 million Between 2012 and 2014
Timehop 21 million July 2018

What types of data are usually stolen?

The motive of a cybercriminal defines what company he/she will attack. Different sources yield different information. The following are examples of common targets with details on what kind of data was stolen:

Business

  • Timehop (July 2018)
    Mobile App Vendor
    The data of the start-up’s 21 million users was exposed for around 2 hours due to a network intrusion on 4 July.
  • Reddit (June 2018)
    Content Aggregator
    Hackers gained access to an old database of users (the exact number of those affected has not been revealed) on 19 June.
  • Dixons Carphone (June 2018)
    Retailer
    An estimated 10 million customers could be affected by the hacking attack on its network sometime last year. The compromised data may include personal information like names, addresses, and email addresses. Some 5.9 million payment card records (nearly all of which are protected by the chip-and-PIN system though) may have been accessed as well.
  • Equifax (July 2017)
    Information Solutions Provider
    The major cybersecurity incident affected 143 million consumers in the U.S. Initially discovered on 29 July, the breach revealed the names, Social Security numbers, birth dates, and addresses of almost half of the total U.S. population. With investments in 23 other countries worldwide, around 400,000 U.K. customers were also reportedly affected. Final findings revealed a total of 145.5 million exposed records.
  • Ashley Madison (July 2015)
    Social Media Website
    Hacktivists stole and dumped 10GB worth of data on the Deep Web. This included the account details and personally identifiable information (PII) of some 32 million users, as well as credit card transactions.
  • Target (January 2014)
    Retailer
    Hackers penetrated the vendor’s network and infected all of its point-of-sale (PoS) machines. They were able to expose nearly 40 million debit and credit cards to fraud. The information stolen included PINs, names, and banking information.

Medical/Healthcare

  • SingHealth (July 2018)
    Medical/Healthcare Service Provider
    The nonmedical personal data of 1.5 million patients was reportedly accessed and copied, including their national identification number, address, and date of birth as part of the attack. The stolen data also included the outpatient medical data of 160,000 patients.
  • Hong Kong Department of Health (July 2018)
    Federal Agency
    The government agency was hit by a ransomware attack that rendered its systems inaccessible for two weeks starting 15 July.
  • Anthem (May 2015)
    Medical/Healthcare Service Provider
    An attack that started in April 2014 resulted in the theft of more than 80 million records of current and former customers. The data stolen included names, birthdays, social IDs, email addresses, and employment information

Government/Military

  • U.K. military contractor (May 2017)
    Military Contractor
    Sensitive data from a military contractor was extracted by a targeted attack group from the military contractor’s network using a backdoor identified as RoyalDNS.
  • U.S. OPM (April 2015)
    Federal Agency
    Hackers gained access to more than 18 million federal employee records, including Social Security numbers, job assignments, and training details.

Banking/Credit/Financial

  • Deloitte (October/November 2016)
    Accountancy Firm
    The firm was targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients. The attack was discovered in March 2017 though findings revealed though the hack may have been launched as early as October or November 2016.
  • JP Morgan Chase & Co. (October 2014)
    Credit Service Provider
    The data of an estimated 76 million households and 7 million small businesses was compromised. The information included names, addresses, phone numbers, email addresses, and others.

Educational

  • University of Maryland (March 2014)
    Educational Institution
    More than 300,000 student, faculty, and staff records going as far back as 1998 were compromised though no financial, medical, or academic information was included. The stolen data included names, birth dates, university ID numbers, and Social Security numbers.
  • University of Greenwich (2004)
    Educational Institution
    The university was fined ₤120,000 for exposing the personal data of students, including names, addresses, dates of birth, signatures, and in some cases even medical information, on a microsite that was left unsecured since 2004.

Where does all the stolen information go?

Based on the data stolen, here are specific types of information that are of value to cybercriminals. Hackers search for these data because they can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft, and even blackmail. They can also be sold in bulk in Deep Web marketplaces, things like:

  • Member name
  • Date of birth
  • Social Security number
  • Member identification number
  • Email address
  • Mailing and/or physical address
  • Telephone number
  • Banking account number
  • Clinical information
  • Claims information

End users are almost never the target of cybercriminals who are out to steal sensitive information in bulk, unless an individual is connected to an industry. However, end users can be affected when their records were part of the information stolen from big companies. In such cases, it is best to take note of the following practices.

  • Notify your bank. Verify your account details and change PIN codes.
  • Double-check email addresses from incoming emails. Cybercriminals can pose as bank representatives and ask for credentials.
  • Do not click suspicious-looking links or download files from unknown sources.
  • If credentials or financials have been tampered with, contact the breached company and ask if they can assist in enrolling you to a fraud victim assistance program.

Working with a proactive IT Support partner like Domain Digital can be of massive value and benefit to an organisation. As well as being on top of world developments in cyber crime and how to align and protect your network, Domain Digital also has a Cyber Security Education and Training Platform that can be rolled across an organisation, teaching and educating staff how not to be a victim, ensuring your business is secure both from a network protection standpoint, and staff education. Visit www.domaindigital.com.au or call (08) 9441 6300 to find out more.

Data Breaches – Think it won’t happen to you?

According to www.theconversation.com, Reports of data breaches are an increasingly common occurrence. In recent weeks, TicketmasterHealthEnginePageUp and the Tasmanian Electoral Commission have all reported breaches. It is easy to tune out to what is happening, particularly if it’s not your fault it happened in the first place. But there are simple steps you can take to minimise the risk of the problem progressing from “identity compromise” to “identity crime”.

In 2012 former FBI Director Robert Mueller famously said: “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”

The types of personal information compromised might include names, addresses, dates of birth, credit card numbers, email addresses, usernames and passwords.

In some cases, very sensitive details relating to health and sexuality can be stolen.

What’s the worst that can happen?

In most cases, offenders are looking to gain money. But it’s important to differentiate between identity compromise and identity misuse.

Identity compromise is when your personal details are stolen, but no further action is taken. Identity misuse is more serious. That’s when your personal details are not only breached but are then used to perpetrate fraud, theft or other crimes.

The types of personal information compromised might include names, addresses, dates of birth, credit card numbers, email addresses, usernames and passwords.

Offenders might withdraw money from your accounts, open up new lines of credit or purchase new services in your name, or port your telecommunication services to another carrier. In worst case scenarios, victims of identity crime might be accused of a crime perpetrated by someone else.

The Australian government estimates that 5% of Australians (approximately 970,000 people) will lose money each year through identity crime, costing at least $2.2 billion annually. And it’s not always reported, so that’s likely a conservative estimate.

While millions of people are exposed to identity compromise, far fewer will actually experience identity misuse.

But identity crime can be a devastating and traumatic event. Victims spend an average of 18 hours repairing the damage and seeking to restore their identity.

It can be very difficult and cumbersome for a person to prove that any actions taken were not of their own doing.

How will I know I’ve been hacked?

Many victims of identity misuse do not realise until they start to receive bills for credit cards or services they don’t recognise, or are denied credit for a loan.

The organisations who hold your data often don’t realise they have been compromised for days, weeks or even months.

And when hacks do happen, organisations don’t always tell you upfront. The introduction of mandatory data breach notification laws in Australia is a positive step toward making potential victims aware of a data compromise, giving them the power to take action to protect themselves.

What can I do to keep safe?

Most data breaches will not reveal your entire identity but rather expose partial details. However, motivated offenders can use these details to obtain further information.

Many victims of identity misuse do not realise until they start to receive bills for credit cards or services they don’t recognise, or are denied credit for a loan.

These offenders view your personal information as a commodity that can be bought, sold and traded in for financial reward, so it makes sense to protect it in the same way you would your money.

Here are some precautionary measures you can take to reduce the risks:

  • Always use strong and unique passwords. Many of us reuse passwords across multiple platforms, which means that when one is breached, offenders can access multiple accounts. Consider using a password manager.
  • Set up two-factor authentication where possible on all of your accounts.
  • Think about the information that you share and how it could be pieced together to form a holistic picture of you. For example, don’t use your mother’s maiden name as your personal security question if your entire family tree is available on a genealogy website.

And here’s what to do if you think you have been caught up in a data breach:

  • Change passwords on any account that’s been hacked, and on any other account using the same password.
  • Tell the relevant organisation what has happened. For example, if your credit card details have been compromised, you should contact your bank to cancel the card.
  • Report any financial losses to the Australian Cybercrime Online Reporting Network.
  • Check all your financial accounts and consider getting a copy of your credit report via EquifaxD&B or Experian. You can also put an alert on your name to prevent any future losses.
  • Be alert to any phishing emails. Offenders use creative methods to trick you into handing over personal information that helps them build a fuller profile of you.
  • If your email or social media accounts have been compromised, let your contacts know. They might also be targeted by an offender pretending to be you.
  • You can access personalised support at iDcare, the national support centre for identity crime in Australia and New Zealand.

The organisations who hold your data often don’t realise they have been compromised for days, weeks or even months.

The vast number of data breaches happening in the world makes it easy to tune them out. But it is important to acknowledge the reality of identity compromise. That’s not to say you need to swear off social media and never fill out an online form. Being aware of the risks and how to best to reduce them is an important step toward protecting yourself. To get some expert advice, or to ensure you are as protected as possible, visit www.domaindigital.com.au or call us on (08) 9441 6300 to see how we can help you.

For further information about identity crime you can consult ACORNScamwatch, or the Office of the Australian Information Commissioner.

If you are experiencing any distress as a result of identity crime, please contact Lifeline.

Fed up with Phishing? Do you trust your staff not to “click here”?

Cyber.gov.au asks, “Would you ‘click here’ and enter your bank account or credit card numbers, passwords or birthdate because you received an email or text that looks like it’s from a bank or government department?”

If you answered ‘yes’, there’s no need to feel ashamed. Cyber criminals are tricking more and more of us into sharing our most sensitive information. It’s the most common type of scam reported in Australia, according to the latest data.

These phishing scams are designed to look genuine. You may be contacted by email, social media, phone call or text message by a scammer pretending to be from a company or organisation.

In the latest example, the Department of Human Services issued a scam alert on Twitter about a Medicare-themed phishing campaign via SMS, with scammers seeking to elicit personal information from members of the public.

It’s easy to be taken in if you’re not aware of the techniques being used against you. These phishing scams are designed to look genuine. You may be contacted by email, social media, phone call or text message by a scammer pretending to be from a company or organisation.

‘Phishing campaigns can pretend to be from government services such as myGov or from various Australian financial institutions.’ the Head of the Australian Cyber Security Centre (ACSC), Alastair MacGibbon, said.

The messages often copy the format used by the organisation the scammer is pretending to represent, including branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address, and then capture your personal information.

‘Phishing might be the most common scam reported in Australia, but we can all get smarter online and better protect ourselves, and there are steps you can take to protect yourself too.’

‘The first step is to be aware. The second is to do something about it,’ Mr MacGibbon said. Companies like Domain Digital can not only align your network to be as secure as possible, preventing the majority of Phishing attempts from even entering your staff’s email inbox’s, but also have a comprehensive phishing security education and training platform they can run at your company.

Attempts are also made to compromise businesses through targeted phishing attacks.  Small businesses in particular are targeted by themed phishing emails from contractors whose systems have been compromised.

Protect yourself and report the scam

You can better protect yourself by following these tips:

  • Don’t open or click on links in emails or messages from people or organisations you don’t know.
  • Don’t open attachments in unsolicited messages.
  • Remember that reputable organisations locally and overseas – including banks, government departments, Amazon, PayPal, Google, Apple, and Facebook – don’t call or email to verify or update your personal information.
  • Before opening an email, consider who is sending it to you and what they are asking you to do. If you’re unsure, call the organisation you suspect the suspicious message is from using contact details from a verified website or other trusted source.
  • Use email, SMS or social media providers that offer spam and message scanning.
  • Don’t provide personal information to unverified sources.
  • Use two-factor authentication (2FA) on all essential services such as email, bank and social media accounts, because this way of ‘double checking’ identity is stronger than a password. With 2FA, you need to provide two things, your password and something else such as a code sent to your mobile device or your fingerprint, before you – or anyone pretending to be you – can access your account.

The messages often copy the format used by the organisation the scammer is pretending to represent, including branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address, and then capture your personal information.

If you feel a message you have received is a fake, here are some ways to verify the message:

  • Read the message carefully, looking for tracking numbers, names, attachment names, sender, message subject and URLs. Hover your mouse over links to see the web address.
  • Google the extracted information to see if others have reported it as malicious.
  • Call the organisation that appears to have contacted you and check the details or the request.
  • Use other methods such as the organisation’s mobile phone app, web site or social media page to verify the message.

To recover from phishing:

Contact Domain Digital, or whomever you IT support partner is, and ensure they:

  • Change any passwords you have revealed.
  • Inform the organisation the scammer pretended to be from.
  • Contact your bank immediately if you’ve sent money or personal banking details to a scammer.
  • If you believe your personal information has been put at risk, IDCare is Australia and New Zealand’s national identity and cyber support service and is available on 1300 432 273.
  • Report scams to the Australian Competition and Consumer Commission’s Scamwatch to help protect your friends, family and workmates.
  • If the phishing has led to a crime, file a report with Australian Cybercrime Online Reporting Network (ACORN).
  • For more advice about the latest threats and how to protect yourself online, sign up to the free Stay Smart Online Alert Service.

To report a cyber security incident, visit cyber.gov.au or call 1300 292 371.

To find out more about Domain Digital’s “Phishing Prevention Education and Training Platform” simply visit www.domaindigital.com.au or call (08) 9441 6300.

1 2 3 7

Want to know more about how Domain Digital’s IT services in Perth could be of value to your business?