Cyber Attacks

Cybercrime is increasing, and it’s a serious threat to individuals and businesses alike. According to Australia’s Commonwealth Director of Public Prosecutions: ‘In Australia ‘cybercrime’ describes both crimes directed at computers or other information communications technologies (ICTs), such as hacking and denial-of-service-attacks, as well as traditional crimes where computers or ICTs are an integral part of the offence, such as online fraud, money laundering and identity theft.’

Recent Medibank and Commbank data breaches attracted plenty of publicity and hopefully heightened the general public’s awareness of the problem, but it can still be difficult to assess the mass of electronic material hitting our phones, computers and tablets every day. Most of it is probably harmless enough, but it only takes one problem message to make for a very difficult, and sometimes expensive, result.

Government advice

There seems to be no limit to the malicious and seemingly benign hacking going on, but protecting financial and personal records must be a high priority. The Australian Taxation Office (ATO) has published a few tips to help from its point of view.

The ATO says it will never:
• Send a link in an email or text asking a customer to log in to ATO online services. Scammers use this tactic to harvest financial information
• Ask for personal identifying information, such as a tax-file number or bank-account details, on social media. To make sure you’re interacting with verified ATO accounts, look for the blue ‘verified’ tick on Facebook and Twitter, and a high follower count on LinkedIn
• Request payments through unusual methods, such as gift cards, crypto assets or cardless cash, or • Threaten with immediate arrest. If this happens, targets should report the incident to the ATO. The ATO also says businesses and individuals should review the ATO tips at ato.gov.au

Be aware

Strong security is needed to protect individuals and businesses from intrusion and theft at all levels, and protecting electronic equipment and information storage is no different. The difficult thing for many to grasp is that not only can electronic breaches leave no trace, but the stolen material is right where it’s supposed to be. It’s just been copied to use elsewhere. Until something strange shows up by way of an unexpected invoice or travel details or whatever, the theft may go undetected, sometimes for a very long time.

The basic ways criminals get business and client details include:
• Breaking in and stealing records
• Taking photos in and around businesses
• Stealing passwords, account logins or myGov ID details
• Obtaining access to data through legitimate means, like an employee using business systems or security controls
• Emails with malicious links or programs
• Emails requesting information which seem to be from reputable sources
• Exploiting security vulnerabilities in software.

The tougher the better

While there’s no guaranteed theftproof systems available, the more difficult information is to access, the more likely it is thieves will look elsewhere. Be sure to update devices and systems regularly – it’s critical to maintaining security – and get familiar with an electronic security measure called multi-factor authentication (MFA). Finally, make sure to check all electronic communications carefully before surrendering any information of any kind, and, as far as possible, limit access to records and files to as few people as possible.

Send this to a friend