With new and evolving cybersecurity threats emerging almost daily, the risk to business is greater than ever, with a 2022 study by IBM reporting that the average cost of a data breach in Australia is now $4.4 million. The good news is that this is less than the global average of $6.2 million. The bad news is that the escalation of cybersecurity threats shows no sign of slowing anytime soon.
So, the question is, how do you keep your organisation safe in such a hostile cyber environment? The best place to start is by educating yourself on the nature of cybersecurity risks and the options available to help mitigate them.
In this post we discuss the top five cybersecurity threats to be aware of in 2023. These are the most common threats that we see in our work helping clients to both mitigate these risks and respond to incidents.
Phishing is one of the most common forms of attack whereby fake emails are sent purporting to be from sources familiar to the target, such as the Commonwealth Bank, Australia Post or Microsoft. The goal of phishing is to trick individuals into granting access to secure systems by either handing over password details or allowing the installation of malware onto their computer. Once the attacker has gained access to company systems, they may explore and plan their next steps undetected.
Protecting against Phishing
There are several ways to protect your organisation against phishing attacks, such as:
- Multi-factor Authentication: Even if an attacker obtains password details, MFA will protect the user account security. Most modern applications support MFA natively, but it may not be enabled by default. For applications that do not support MFA, or for more complex requirements, add-on MFA solutions are available.
- Email filtering: Effective email filtering will stop a large portion of phishing emails before they even reach employee inboxes. All of the major email platforms such as Microsoft Office 365 come with a basic level of email filtering, with more advanced filtering available as required.
- User education: Employee cyber-awareness is critical to recognising and not engaging with phishing attacks. An educated workforce is an extremely effective risk mitigation strategy.
Business Email Compromise
Business email compromise is a strategy used by attackers to defraud a target company, employed once they have gained access to secure systems via other means. With access to company systems, they will gather information regarding financial processes, payment systems and client relationships. They will monitor email communications to learn who in the organisation has financial authority and the language and methods that they use to communicate.
Once they have the information that they need, attackers will then seek to deceive employees, clients and business partners into making payments to their bank accounts rather than genuine ones. These fraudulent requests for funds can be difficult to identify and lost funds can be challenging to trace and recover. The potential for direct financial loss through business email compromise is significant.
Protecting against Business Email Compromise
There are several ways to protect against Business Email Compromise, such as:
- Multi-factor Authentication: MFA is an effective defence against many user account attacks, helping to protect account security even in the event that a password is compromised.
- User education: Employees involved in financial transactions must be particularly vigilant for potential threats and take all necessary precautions.
- Verification processes: Secondary verification (such as a phone call) on all financial transactions and change of detail requests can help to identify attempted fraud before it’s too late.
Cybercriminals will often seek to gain the trust of their targets in order to elicit the information that they need to breach secure systems. Any form of social interaction with the malicious intent of gaining access to secure systems can be considered social engineering. A common approach is to create fictitious personas on social media which are then used to establish fake relationships with potential victims and trick them into allowing access to company systems.
Protecting against Social Engineering
Strategies to mitigate the risk of Social Engineering can include:
- User education: All employees should be trained to identify potential social engineering threats and to respond accordingly.
- Endpoint protection: All computers should be protected with advanced endpoint protection software to detect and block the installation or execution of malicious software.
- Multi-factor Authentication: MFA provides an effective defence against user account breach even in the event of a password being compromised.
Ransomware is a particular form of malicious software (aka malware) that, once active within a computer system, will encrypt critical data rendering it inaccessible until a ransom is paid. Unfortunately for some business owners, even when a ransom is paid, access to the data is not always restored. Ransomware is responsible for some of the largest and highest profile security incidents in recent times. A ransomware attack can be devastating to any organisation, grinding operations to a halt.
Protecting against Ransomware
All forms of malware including ransomware can be mitigated with strategies such as:
- Endpoint protection: All computer systems must be protected with advanced endpoint protection software.
- System updates: Computer systems without up-to-date software and operating systems are a common weakness that attackers can exploit.
- Isolated backups: Not only should backups be monitoring and tested regularly, but a copy should be stored separately and unattached to the main systems to protect attackers from being able to compromise backups.
- User education: Human error is common factor in many malware infections. Training employees to recognise a potential malware infection and respond accordingly is critical.
Supply Chain Attack
A supply chain attack is a form of cyber-attack that targets an organisation indirectly via less secure partners in their supply chain, most commonly software vendors. The malicious actors look to compromise a particular software application which, once deployed in the target organisation’s network, will then allow unauthorised access to company systems.
Although not strictly a supply chain attack, it’s worth noting the importance also of supply change cyber-resilience. An attack on your supply chain may prove to be just as disruptive as an attack through your supply chain.
Protecting against Supply Chain Attack
- Risk management: Include Supply Chain in risk management plans, including disaster recovery and cybersecurity incidents.
- Least trust security: Limit supplier access to the minimum required.
- Vendor security requirements: Incorporate clear vendor security requirements into supply agreements.
Watch our free on-demand webinar now: Managing the risk of supply chain attack
Cybersecurity starts with an understanding of the threats that your organisation may face, and the options available to you to mitigate those risks. From there you can prioritise and focus your cybersecurity efforts with confidence.
For help protecting your business, speak with one of our cybersecurity experts today.