When it comes to high tech crime, unfortunately the maxim “history repeats itself” is proving true all too often lately. COVID-19 has attracted cyber criminals en masse - one research agency reporting a 650 per cent-plus increase in COVID-19-related phishing attacks involving emails and/or text messages. All seek a click on some kind of embedded link from an unwitting victim. Problem is, the link is not the legitimate external website or attachment it appears to be, and the split second that is spent clicking it open can unleash chaos across computers, companies, and all related networks.
Most recently brewer Lion Dairy & Drinks was hacked, and another cyber breach incurred at Bluescope Steel which halted production. In April, customer information from Service NSW was accessed after 47 employees’ email accounts were hacked. Adding to the problem is the fact cybercrime was already on the rise well before these pandemic-driven attacks. Some of the biggest breaches included Toll Logistics’ deliveries being thrown into disarray after a cyber-attack at the start of the year. The first data breach class action in Australia was settled in the Supreme Court of NSW only last December (involving misuse of ambulance workers’ personal details), and now data and privacy breaches are expected to be one of the major growth areas in class actions over the next two years.
Amid all these crises comes the warning that cyber breaches at commercial property firms, small and large, are also on the rise. Commercial property is particularly vulnerable to cyber-attacks according to Korda Mentha executive director Brendan Read. Mr Read, a former detective from the Queensland Police High Tech Crime Investigation Unit and with over 15 years’ experience in giving evidence in criminal and civil cases, points to the main reason being large sums involved in commercial property transactions.
“The property industry was being targeted a good 12 months before COVID-19,” Mr Read said. “While all sizes of companies were being hit we were seeing quite a number of smaller operations such as conveyancers without the same levels of set-up as the larger corporates suffering cyber breaches as they are major conduits of information and funds.”
Within large commercial property firms, the dangers can be enormous. “The draw is the extremely high values that can be involved in commercial property transactions, or simply in a single transaction,” Mr Read said. “The cybercriminal might only have a very small window of time to make their move, so they want to make sure they’re in a computer network at the right time. Once they are inside the network they will sit there for a considerable amount of time, monitoring emails, looking at who’s who and who is speaking to each other so they can strike at the appropriate time.”
This is exactly why breaches are so concerning, Mr Read said, as whichever way a cybercriminal taps into a network or breaks through the firewall of a major corporate, they will then sit and wait – for not only hours or days but months.
One of the most concerning and telling statistics comes from IBM’s 2019 Cost of a Data Breach Report which shows the average time to identify a cyber security breach is 206 days. “In every cyber job I’m involved in there is always an extended period of time involved before it is detected,” Mr Read said. “So that is really a very scary statistic.”
How cybercriminals gain entry to a network is another issue. Most recently, notable examples have been the fake donation requests from sources purporting to be the World Health Organisation or a similar health-related governing body. Once a link to an external site it unwittingly clicked, a computer network breach can be perpetrated.
Now the restrictions being slowly relaxed across the nation have created another risk: greater use of public wi-fi. “People, employees, are wanting to get out and about now, work in cafes and be on the move,” Mr Read said. “But they’re more likely to be using public wi-fi, connecting to their businesses and doing their banking while using wi-fi hotspots – and connecting to public wi-fi is really very high-risk.”
This is mainly due to the ease with which the right software or malware can be used to tap into surrounding users’ computers. “If a cybercriminal has the right set-up they can see via a public wi-fi network all the traffic passing through the networks around them,” Mr Read said.
The main causes of suspicion include emails containing links to external sites. These pose particularly heightened levels of risk, as do emails containing attachments along with any correspondence or email that hints at a change in payment details. Mr Read said authorities also recently highlighted the increased incidence of breaches via video teleconferencing platforms. “Cyber criminals have been able to 'hijack' various meetings on platforms such as Zoom and disrupt the virtual meetings,” he said.
So – how to defend yourself, your corporation and your own computer? While all the money in the world can be thrown at cyber barriers, virus protection software and spam filters, people are the first line of defence, Mr Read said. He recommends the first port of call be following the ‘Essential Eight’ used by the Australian Signals Directorate. First published in April 2017, the latest version is April this year. (cyber.gov.au/publications/essential-eight-explained).
Many of the Essential Eight are exceedingly simple yet neglected by those who are hacked. “Some of are not hard to implement,” Mr Read points out. “They can be as simple as updating your Windows operating policy which in a large company will happen automatically but for a sole trader or someone working from home becomes a chore they put off till later – and then forget to do.
“Your people are your biggest asset and your biggest risk. The best way to combat any of these attacks is through training and it’s not a one-off tick-a-box exercise.”