With the recent high-profile cyber-attack and data breach on Australian telecommunications giant Optus, revealed about 10 million customers – about 40% of the population – had personal data stolen in what it calls a cyber-attack.
What Happened to Optus?
It is unclear how the attackers gained access to Optus’ systems or what type of data was stolen.
However, it is likely that the attackers used phishing emails to trick Optus employees into clicking on malicious links or attachments that installed the ransomware on their computers.
Once installed, the ransomware would have encrypted Optus’ files and displayed a message demanding a ransom be paid in order to decrypt them.
According to Bleeping Computer, a copy of the ransom note was posted on Pastebin along with two sample files (one PDF and one Excel spreadsheet).
The note demanded that Optus pay 1 BTC (approximately $1 million at current exchange rates) within one week or else the stolen data would be sold off in batches on Dark Web forums every two days.
The note also threatened to release all of the stolen data publicly if Optus did not comply with the demands. This is the latest in a string of ransomware attacks that have hit businesses around the world.
Of course, a data breach of this kind is making headlines around the world, it’s no wonder that businesses are starting to sit up and take notice of their own cyber-security shortcomings.
Some Cyber Security experts say it may be the largest data breach in Australia’s history.
It’s no secret that Australia has been lagging behind when it comes to cyber-security.
In fact, a recent report by the Australian Cyber Security Centre (ACSC) found that the country is about a decade behind where it should be in terms of its cyber-security readiness.
So, what does this mean for Australian businesses?
Well, for starters, it means that they are much more likely to be the target of an attack.
It also means that, if they are attacked, the damage is likely to be much greater.
This is because Australian businesses have not invested in the same level of cyber-security as their US and UK counterparts, and so they are not as prepared to deal with an attack.
The ACSC report found that there are three main reasons for Australia’s lack of readiness when it comes to cyber-security:
- We’re reliant on outdated technologies and infrastructure.
- We have a shortage of skilled cyber-security workers.
- We’re not investing enough in research and development.
These findings are particularly concerning when you consider the fact that Australia is currently facing an increase in cyber threats.
As a result of this ‘sophisticated cyber attack’, many Australian businesses are now facing a difficult decision:
Do they invest in expensive cyber-security measures, or do they risk becoming the victim of a costly attack?
The Cost of Cyber-Security
There’s no doubt about it – implementing effective cyber-security measures can be expensive.
However, the cost of not doing so can be even higher, in the UK.
The UK Government proposes fines of £17 million for businesses who fail to implement preventive measures.
One way to look at it is this: if your business was the victim of a cybercrime, would you rather spend £3000 on security measures to prevent it from happening again, or £17 million on recovery and repairs? The answer is obvious.
It’s important to remember that the cost of an attack goes beyond simply the money that is stolen or lost.
There is also the cost of downtime, reputation damage, and loss of customer trust.
In other words, if your business is attacked and you’re not prepared, the consequences could be devastating.
How business can Prepare for a Cyber-Attack
There are a number of steps that businesses can take to prepare for a cyber-attack:
- The most important thing is to ensure that you have MFA solutions for business on all devices.
- You should also have a strong next generation firewalls in place to protect your network from external threats.
- Furthermore, it’s important to educate your employees about good cybersecurity practices so that they can help protect your business from within.
- Finally, you should consider investing in penetration testing services so that you can identify any weaknesses in your system before an attacker does.
Cyber-security is an important issue for all businesses – large or small.
Unfortunately, Australia is lagging when it comes to implementing effective cyber-security measures.
This problem needs to be addressed urgently to protect businesses from the growing threat of attacks.
Investing in effective security measures now will help protect your business from attacks in the future and save you money in the long run.
So don’t wait – start preparing for a cyber-attack today contact the Cyber Security experts at Speedster IT !