Sydney, July 11, 2017 - Recent global ransomware attacks have highlighted the vulnerable position of Australian businesses when it comes to cyber security, yet many are still failing to undertake urgently required remediation, experts have warned.
In recent months the WannaCry and Petya outbreaks caused widespread disruption and losses for businesses and public-sector bodies around the world, and it is feared they represent just the start of a new wave of targeted cyber crime.
Experts at a security round table event in Sydney today agreed urgent action was required by Australian businesses of all sizes to ensure they were as prepared as possible before the next wave of attacks occurs.
"Business owners are understandably focused on the day-to-day challenges of running their business," said David Cohen, Founder and Managing Director of SystemNet. "But unfortunately this means they are not paying sufficient attention to cyber security.
"Many might be aware of the risks, but have not considered the impact a ransomware attack could have on their operations. Effects could range from mild inconvenience to a data loss so significant it puts them out of business."
A board-level problem
Monica Schlesinger, Principal of Advisory Boards Group International, said the situation was not confined to small businesses, with many large organisations also vulnerable to attack. She pointed to the most recent Petya attack that caused significant disruption for global firms such as advertising giant WPP, legal company DLA Piper and Danish shipping giant Maersk.
"Every business needs to have a clear strategy in place when it comes to cyber security, and formation of that strategy has to start at board level," she said. "The strategy must take into account the evolving threat environment and clearly outline the steps that will be taken to minimise the risk of attack."
Schlesinger said that, traditionally, IT challenges tended not to be well understood at board level. However, the current environment had made cyber security an issue that required constant oversight by senior management.
"It needs to be seen as special risk. When you suffer an attack it can happen very quickly and can destroy your company. It's not a case of 'if' an attack will happen but 'when' and the board needs to be sure all required steps have been taken."
Changing regulatory environment
Round table participants discussed the ramifications of the Notifiable Data Breaches Bill which will come into force in February 2018. The bill requires companies to report security breaches where there has been unauthorised access, disclosure or loss of personal information held by a company that is likely to result in 'serious harm to any of the individuals to whom the information relates'.
"This means the impact of attacks can no longer be swept under the carpet," said David Higgins, ANZ Country Manager at WatchGuard Technologies. "Senior management has to be aware of its responsibilities and realise that security can no longer simply be left to the IT team. They have to take a top-down approach."
Awareness and education
Although the recent ransomware attacks have served to increase awareness of the challenge, round table participants agreed more education was required for Australian business leaders. Many were still not taking basic steps such as deploying software patches that could significantly reduce their level of risk.
"There is also a need for ongoing education of staff around IT best practices," said Cohen. "They must be aware of the risks associated with opening emails from unknown parties, visiting suspect websites and installing software from unknown sources."
Higgins agreed, saying IT security was the responsibility of everyone in a business and all had a part to play in ensuring defences are as robust and effective as possible.
"Awareness and action has to extend from the managing director or board through to the most junior staff member," he said. "By taking a holistic approach, businesses can ensure they have both the tools and behaviours in place that are needed to counter the threat."
While ransomware has captured the bulk of attention when it comes to cyber crime, the panel speakers emphasised that there are other trends that should also be on the radar screens of Australian businesses. The trends include:
- Evolving Attacks: Attackers do not remain stagnant and, as new technologies emerge, they evolve their tactics to be more effective. Ensuring robust security will involve monitoring a shifting target.
- Authentication: One of the foremost tenets of security is trust, and trust is based on authentication. Unfortunately, the primary mechanism used for authentication - passwords - is no longer sufficient. New methods must be quickly found and put into use.
- Everyone is a target: There is a misconception among small and midsized businesses that, because they don’t have huge amounts of intellectual property, they won’t be attacked, but that’s a fallacy. Bad guys don’t always want to steal data, and in the case of a ransomware attack, they don’t want the data at all – they just want the victim to want it badly enough to pay to get it back. Everyone is a target.
"Cyber attacks are going to become more sophisticated and, unfortunately, more effective," said Higgins. "By having a multi-layered defence strategy in place, applying patches and educating staff, businesses can be best placed to withstand the threats that will have to be faced in the future."
About WatchGuard Technologies, Inc.
WatchGuard® Technologies, Inc. is a global leader in network security, providing best-in-class Unified Threat Management, Next Generation Firewall, secure Wi-Fi, and network intelligence products and services to more than 75,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.