Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.
This month in security: February 2020
Deep fake technology is advancing in leaps and bounds, leaving tech companies, policymakers and retailers scrambling for a way to combat the threat they pose.
We take a look at how Australians are losing millions of dollars to romance scams every year, and why big companies are finding themselves targeted by sophisticated ransomware attacks. The Coronavirus crisis has sparked off a wave of malware attacks, while the Sydney police cyber squad hauls in an $11 million hustler.
‘Deep fakes’ are getting smarter and harder to detect
‘Deep fakes’ and the technologies used to make them are advancing at breakneck speed, threatening to escalate into a full-blown epidemic we are ill-equipped to handle. Governments are already taking serious measures to tackle the crisis, such as China’s outright ban on unauthorised AI-created media.
Governments, commercial brands, big tech companies and social media platforms are all researching new ways to fight deep fakes through new tech, new policies, biometrics and awareness campaigns. Retail and commerce brands are starting to realise how deep fake scams can damage their brand.
The search for love cost Australians $28 million in 2019
The Australian Competition and Consumer Commission reported almost 4,000 dating and romance scams in 2019, leading to losses of $28.6 million through dating websites and social media.
As more and more people turn to dating apps and social media to find a partner, scammers and cybercriminals have found a new avenue to ply their trade. The trends show that scammers are increasingly turning to chat apps and online games to sweet-talk their victims out of their money and their personal data. Anyone can be a target, so be sure to keep an eye out for the warning signs.
‘Blackwhaling’ puts large enterprises at risk of their data being held hostage
Around the world, ransomware attacks are growing much more ambitious, with sophisticated cybercriminals blackwhaling (‘blackmail’+‘whale’) large enterprises to extort vast sums of money.
Cybercriminals have realised that even the biggest companies can have surprisingly poor cybersecurity practices. Earlier this month, Mitsubishi Electric Corp of Japan experienced a data breach which may have compromised defence equipment, prompting an investigation by the Japanese defence ministry. Just a few weeks ago, the Australian logistics company Toll Group was targeted by a ransomware attack which forced them to shut down a number of systems and process parcels manually. It’s no surprise that in most cases of ransomware attacks, human error is the culprit. Almost one in two Australian workers put their company at risk by opening emails, clicking links from unknown senders, downloading fake software or suspicious videos. Cybercrime is now believed to cost Australia's economy more than $1 billion a year.
Cybercriminals exploiting Coronavirus panic to spread malware
The recent outbreak of the Coronavirus has sparked a wave of malware-infested emails across Australia claiming to contain local news alerts about the virus.
With the virus making the headlines, many people lower their guard and click on emails offering to advise them on how to protect themselves. Many emails claim to contain news updates about incidents of the virus in their locality. But these fake emails often contain a variant of the Emotet Trojan, leaving unsuspecting users wide open to attack. The trojan installs itself on the user’s system without their knowledge and smuggles sensitive user data like logins and passwords back to the scammers.
Sydney police crackdown on cybercrime
A few weeks ago the NSW Cybercrime Squad charged a Sydney man for an $11 million cyber fraud, in which he allegedly obtained the financial profiles of more than 80 people, and stole from their savings and superannuation accounts
NSW Cybercrime Squad Commander Detective Superintendent Matthew Craft said the investigation was a timely reminder for individuals and businesses to have strong cybersecurity measures in place. Few people think seriously about the dangers of sharing their data online, and with something as intangible and hard to track as data, cybercrime presents a unique challenge for law enforcement. Identity information and credit card data are valuable commodities on the black market and dark web, so always make sure you know exactly who you’re handing your information over to.