Tips for Protecting Against Escalating Cyber Threats

February 22, 2024 - 6 minutes read
online banking

Image from Pixabay

Cyber incidents and their associated costs continue to rise in Australia. Find out about the most common cyber threats and what you can do to protect yourself and your organisation.

Cybercrime has been increasing in Australia for years and this is unlikely to go away any time soon. Cyber experts estimate it costs the Australian economy around $33bn annually.

It’s important to know that cyber threats can affect anyone. This includes individuals, small businesses, large corporations, governments, churches, charities, clubs – no one is completely immune!

What’s happening in cyber world

The ASD (Australian Signals Directorate) Cyber Threat Report for 2022-23 makes for some pretty sobering reading on this! Here are some of the stats compared to the previous year’s report:

  • Cybercrime reports are up by 23% at nearly 94,000.
  • The self-reported cost of cybercrime has risen 14% per report on average. This includes $46,000 for small enterprises and $97,000 for medium-sized businesses.
  • A cybercrime is reported to ASD every 6 minutes (was every 7 minutes previously).
  • Calls to the Australian cyber hotline have increased by 32%.

The ASD says that cyber awareness is growing in Australia, but so too is the sophistication of malicious actors!

Typical cyber incident examples:

  • Account compromises – where a criminal gains access to your bank account for example. From here they can not only steal your money but also your information and identity.
  • Phishing scams – the practice of sending fraudulent emails or SMS’s that try to trick you into providing your financial details or sending money for a ‘service’.
  • Ransomware – where a criminal locks up your data and demands a ransom to give you access, usually in cryptocurrency so it’s untraceable.
  • Hacking – gaining access to a network or system and then manipulating how it behaves.
  • Data breaches – where sensitive or personal information is accessed and shared with unauthorised parties. This can be accidental or occur due to a security breach.
  • Remote access scams – e.g. where you receive a message claiming your computer has a problem the sender can fix for a fee.

The most common cyber threat for individuals is identity theft. When a person experiences ID-theft they can find their bank account emptied, their credit cards maxed out, accounts opened in their name and worse.

For businesses (including not-for-profits) the most common types are online banking fraud and email compromise (e.g. phishing).

The cost to businesses is not only financial. It can also affect an organisation’s reputation and client relationships – where data breaches occur for example.

Cyber threat risk management: what you can do

Practising good ‘cyber hygiene’ goes a long way towards reducing your risk of harm and losses from cyber-attacks.

This includes:

  • Use of strong passwords or passphrases and changing these regularly.
  • Setting up multi-factor authentication for online activities – especially those involving finances.
  • Regularly backing up your files and data.
  • Switching on automatic software updates.
  • Staying aware of current cyber threats and training your workers in recognising and responding to scams. The ASD has an alert service for this (see under Links and Resources below).
  • Use of reputable cloud-service providers.
  • Applying software patches where required.
  • Keeping up-to-date with your cyber insurance (see next section).

Also, if you have remote workers, you may need to take extra care regarding cyber security. Cyber attacks rose considerably during pandemic lockdowns due to organisations not being properly prepared for employees working from home.

Actions to take include ensuring there are no unmanaged devices on your network and practising your cyber hygiene plan away from the office (as well as within it!).

You should also have a business continuity plan in place. Your plan should outline the steps to take after unexpected events or disruptions occur, including cyber-attacks.

Insurance cover for churches and charities

Faith Insurance understands the insurance needs of churches and faith-based charities.

We offer a comprehensive suite of policies, which includes crucial cyber coverage. Our cyber policy provides financial protection for losses from a range of attacks, including extortion, data breaches, and interruptions. The coverage has been developed with faith communities in mind, as for all of our insurance products.

To discuss your cyber insurance needs, please call 13 000 FAITH or send us an email.

Links and Resources

ASD: Cyber Alert service

Victorian Information and Privacy Commissioner:  Remote working privacy tips

Faith Insurance articles:
How to recognise scam emails
Security tips for remote workforces

Written by Tess Oliver

 

Tags: ,