• Bradley Sing

    Bradley Sing is currently Technical Consultant at Mimecast where he has been since November 2016. Bradley has been working in the technology industry for almost four years and draws on his previous experience to help align customer business needs with the technical solutions that Mimecast provides, which ranges from product demonstrations to help documenting processes and aspects of products. Prior to his role at Mimecast, Bradley worked across the web hosting & domain name industry in Australia, working for Melbourne-based web hosting startup Hosting Australia and previously Melbourne IT Group.

    Comments:0

    Add comment
Content

Ransomware flexed its muscles, and governments hit back

Ransomware threats have been growing for years, and in 2021 we hit a tipping point. This was the year ransomware came for every industry – and governments joined together to fight the threat.

Perspective

Ransomware has been growing steadily year-on-year, with the Australian Cyber Security Centre (ACSC) recording a 15% rise in 2021. This year offered a stark reminder that every business, whatever its size and sector, is a potential target. Australian meat processors, schools and casinos suffered attacks, while in New Zealand, property companies and the search and rescue base at Aoraki (Mount Cook) were hit. Organisations in Australia and New Zealand may be seen as more enticing targets than those in the US, with one survey showing that 54% of Australian companies paid their ransoms.

In October an international conference called for tighter controls on money laundering, and proposed collaborative efforts to target ransomware gangs. Australia’s action plan aims to make the reporting of attacks mandatory for large organisations and the establish a dedicated anti-ransomware taskforce, while the New Zealand government is making its threat intelligence available to private-sector security firms. These are welcome measures – only coordinated action can stamp out ransomware.

Cyber'sCold War intensifies

Most cybercriminals are just out for a quick buck, but in an increasingly connected world, cyber is a battleground for nations seeking to influence their rivals. China was linked with at least one attack on Western Australia’s parliament, with Parliament House also hit.

Perspective

In July, Australia joined with the US and UK to address China’s role in malicious cyber activities. Home affairs minister Karen Andrews said, “They have been called out and we will continue to call out, not only China, but other nations, if they do launch and undertake significant attacks here on Australians and Australian businesses.” With New Zealand’s National Cyber Security Centre (NCSC) noting that 28% of cyber incidents showed links to suspected state-sponsored actors and Microsoft naming Russia as being behind over half of attacks, this Cold War shows no signs of letting up.

As the pandemic becomes a fact of life, so do attacks on the unwary

As lifestyles have shifted over the course of the Covid-19 pandemic, hackers have found new angles of attack.Computer takeover scams are on the rise, and more and more people are having their personal data exposed – one huge leak saw details from around two million Australian accounts scraped from Facebook and LinkedIn and dumped on an unsecured server.

Perspective

People were using digital services more and more even before the pandemic, and COVID-19 has accelerated that trend –with both work and play now taking place online. Enjoy gaming? Twitch suffered a massive breach this year. Spent lockdown focusing on your fitness?Health apps were found to be hungry for sensitive data – and bad at keeping it under lock and key. The ACSC recorded around four pandemic-related incidents every day in 2021, and were themselves impersonated by scammers. Cyber resilience isn’t just for CISOs anymore, it’s everyone’s problem now.Simple measures(such as enabling multi-factor authentication and thinking before sharing data) can make a huge difference to everyone’s safety.


Critical infrastructure attacks go big

Crucial services such as healthcare, local government, education and banking have been repeatedly threatened this year. Indeed, the NCSC made the 15% rise in attacks on “nationally significant organisations” the headline in its annual report.

Perspective

These attacks don’t just damage organisations’ finances – they can cripple vital services and dent public confidence. Healthcare was hit hard in 2021: data leaks affected Sydney and Brisbane-based medical institutions, system shutdowns delayed operations and hospitals and care homes were attacked. Valuable data and poorly-secured legacy systems means the sector is hugely appealing for criminals.Local governments and banks have also been attacked, with theReserve Bank of Australia (RBA)declaring it is “almost inevitable that at some point the defences of a significant financial institution will be breached”. Major institutions need to be ready for threats such as ransomware and DDoS (Distributed Denial of Service) attacks – and to respond quickly once an incident is detected.


2021 proved that threats evolve – but that criminals can be stopped

2021 saw collaborations of different nations take the fight to cybercriminals. In January, a Euro pol-led group of nations severely disrupted the notorious Emotet malware. Meanwhile, in July, the REvil gang vanished. Both threats were to return later in the year, with Emotet reappearing on Windows systems. However, REvil’s return was short-lived, with arrests in November shattering the gang.

Perspective

Emotet has been described as the world’s most dangerous malware, while REvil was arguably the biggest name in cybercrime. As Emotet’s return suggests, attempts to stamp down on malicious software and gangs can sometimes feel like a game of whack-a-mole. But 2021 has seen law enforcement agencies claim some notable scalps, disrupting criminal activity and suggesting that collaboration can bring down the bad guys – and giving cybersecurity some much-needed good news.

Technical Consultant, Mimecast

Bradley Sing is currently Technical Consultant at Mimecast where he has been since November 2016. Bradley has been working in the technology industry for almost four years and draws on his previous experience to help align customer business needs with the technical solutions that Mimecast provides, which ranges from product demonstrations to help documenting processes and aspects of products. Prior to his role at Mimecast, Bradley worked across the web hosting & domain name industry in Australia, working for Melbourne-based web hosting startup Hosting Australia and previously Melbourne IT Group.

Stay safe and secure with latest information and news on threats.
User Name
Bradley Sing