HOW TO PROTECT

YOUR BUSINESS &

CLIENTS FROM

CYBER ATTACKS?

WHAT IS

CYBERCRIME?

Australian Cyber Crime Act 2001

…an illegal activity carried out against computer data and systems..The broader definition also includes “computer-related offences, as well as content and copyright infractions”.

WHAT IS CYBERCRIME?

cybernetic-gi.com

VIDEO by Deloitte

ROBERT MUELLER – FBI Director, 2012

There are only two types of

companies: those that have

been hacked, and those that

will be.

cybernetic-gi.com

CAMBRIDGE UNIVERSITY & LLOYDS, 2016

The amount of cyber

insurance being purchased

in Australia [has] increased

168 fold in the last two years

cybernetic-gi.com

http://www.businessinsider.com.au/not-enough-executives-know-effective-cyber-security-strategy-and-its-costing-the-australian-economy-17-billion-annually-2016-11

76 million households&

7 million businesses

JPMorgan Chase2014

Credit Card Details

Financial Records

Personal Details(phone numbers, addresses)

COMPROMISED

DATA

cybernetic-gi.com

1 million individuals

Australian Red Cross2016

Personal Details

Potential Health Records

Sexual History Records(and contact details like phone

numbers, addresses)

AUSTRALIA’S

BIGGEST DATA

BREACH YET

DATA

cybernetic-gi.com

40 million Credit Cards.

TargetDec, 2014

· 1-3 Million Credit Cards.

· Sold for $27-$135 each.

· $53.7 Million stolen before

banks could block cards.

COMPROMISED

STOLEN

TARGET: $10 Million to

fraud victims.

BANKS: $200 Million in

card replacements

COST

cybernetic-gi.com

750,000 Records

Aussie Travel CoverDec, 2014

· Travel Details

· Policies

· Personal Details

(phone numbers, addresses)

COMPROMISED

DATA

cybernetic-gi.com

8 PAGES of Email

Address Records

Centrelink2016

· CC instead of BCC everyone

· Resend the incorrect email

· Potential email security

flaws or encryption missing

EMAIL ADDRESSES

COMPROMISED

HOW?

cybernetic-gi.com

$450,000 OF RATE

PAYERS MONEY

SCAMMED

Reference:

http://www.abc.net.au/news/2016

-08-16/brisbane-city-council-

loses-450k-to-

scammers/7746812

Brisbane City Council2016 PHISHING EMAIL –

PAYMENT & ID

DETAILS IMITATED

cybernetic-gi.com

WHAT ARE THE

CURRENT TRENDS

IN CYBER CRIME?

CYBERCRIME IS ON

THE RISE

Breaches increased by

15% in 2015.

TRENDS IN CYBER CRIME

SMALL TO MEDIUM

BUSINESSES

TARGETED

In 2016, Australia is

second highest target

country in the world (after

Japan) for Ransomware

CRIMINALS LOVE

SOCIAL MEDIA

70% of social media

scams in 2014 were

manually shared by people

to their friends

cybernetic-gi.comhttp://www.cso.com.au/article/607329/australia-leads-apac-

reported-data-breaches-even-without-breach-notification-laws/

STEALTH ATTACKS

It takes businesses on average 8 months before

they realise they have been breached.

TRENDS IN CYBER CRIME

ATTACKS ARE LONGER

More breaches per minute, hour, year

increase almost double fold in 2016 so far from

2015.

ATTACKS ARE MORE

TARGETED

Companies admit that they can only successfully notice these attacks only 25% off the times at an average or

even less.

cybernetic-gi.com

WHAT ARE COMMON

CYBER ATTACKS?

SPEAR-PHISHING ATTACKS- Increased 25% in 2015 for phishing emailing attacks

- More than 23.7% business in Australia suffered

business interrupting breaches in 2015, double than

2014.

- TREND: Sent via valid, but stolen corporate emailing

accounts.

TROJANIZED SOFTWARE

Hackers hide their malware inside of software

updates, and wait for the company to infect itself with

the update.

COMMON ATTACKS2013-2016

RANSOMWARE

Cybercriminals encrypt networks and computers and

extorting money from the owners in exchange for the

encryption key.

- Increased by 220% in 2016 just between Q1 vs Q2.

- COST: Minimum ransom starts $300-$500 dollars

MOBILE MALWARE

- 14% increase in malware (Q1 vs Q2, 2016).

- Around 1 million apps on the market used to steal

information such as mobile banking details and

confidential emails.

cybernetic-gi.comReference: https://securelist.com/analysis/quarterly-malware-reports/75640/it-threat-evolution-in-q2-2016-statistics/

WHY ARE

BUSINESSES A

TARGET?

cybernetic-gi.com

STEP ONE

ATTACKS FROM WITH IN THE COMPANY

LARGE VOLUME OF SENSITIVE

INFORMATION

TOO UNCONCERNED WITH CYBER SAFETY

INSUFFICIENT IT SECURITY

WHY ARE YOU UNDER ATTACK?

HOW WILL IT IMPACT

YOUR BUSINESS &

CLIENTS?

IMPACT ON YOUR BUSINESSWHAT IS THE PRICE OF POOR IT SECURITY?

REVENUEPRODUCTIVITY REPUTATION

If a cybercriminal gains access to your network, it will generate loss of

productivity, compromise your data and possibly that of your clients, it will

impact your company’s reputation, and could even result in law suits.

cybernetic-gi.com

24

- Mandatory Breach Reporting will soon be introduced

by the Australia Government.

- The new draft legislation will amend the Privacy Act to

require companies to disclose to their clients if their

data is compromised.

- Increase regulation and financial burdens on

organisations who do not report.

Reference - http://www.arnnet.com.au/article/608773/mandatory-

data-breach-notification-laws-hit-parliament/

MANDATORY DATA BREACH REPORTING

cybernetic-gi.com

HOW CAN YOU

PROTECT YOUR

BUSINESS?

EASY STEPS YOU SHOULD TAKETHE DEVIL IS IN THE DETAILS…

STRONGER PASSWORDS

- The most over looked security measure.

- Change passwords every 3-6 months

- Delete old email accounts

IT SECURITY POLICY

- Educate everyone in your company on

policy regarding password sharing, email

attachments etc.

FIRST RESPONSE PROCEDURE

- Plan on how to deal with a network breach

- Who do you call?

- What systems do you take offline?

- Educate all your staff

UPDATE YOUR SOFTWARE

- Regularly update your software and

patch any vulnerabilities.

cybernetic-gi.com

27

- Determine the business value of IT assets.

- Calculate cost from loss of those assets and the

impact on business elements.

- Assign recovery priorities to the assets.

- Should complete annually.

BUSINESS IMPACT AND RISK ASSESSMENT

cybernetic-gi.com

28

24/7/365 PROTECTION

- Using Industry-leading tools, certified IT experts secure your

information assets 24/7/365.

- With live monitoring we can track spikes in your networks data

stopping attacks before they occur.

- Often at a fraction of the cost of in-house security resources.

MANAGED SECURITY SERVICES

cybernetic-gi.com

29

- A real-life simulated attack conducted by a certified

Ethical Hacker.

- Provides a comprehensive assessment of your IT

security.

- Identify the weaknesses in your IT system and

remove them before cybercriminals can gain access.

PENETRATION TESTING

cybernetic-gi.com

BEST PRACTICES

Strong Passwords, Firewalls, Antivirus

Software, Encyption.

MANAGED SECURITY SERVICE

Live defense against cyber criminals.

Up-to-date system protection.

PENETRATION TESTING

Secure your IT Infrastructure by

conducting a comprehensive test on its

safety. Remove vulnerabilities before

they can be exploited in real-life.

CONCLUSION

MANDATORY BREACH REPORTING

News laws will penalise companies

who do not report breaches in thier

networks.

RISK ASSESSMENT

Have a clear understanding of your

system and the devices that support it.

Secure your end-points to prevent

attacks from the inside.

STAY SAFE

It is always better to be proactive with

your IT Security, so when the time

comes, you don’t have to be reactive.

cybernetic-gi.com

Our Office

L 19, 1 Eagle St, Brisbane QLD, 4000

Our Phone

1300 292 376

Emailcontact@cybernetic-gi.com

GET IN TOUCH WITH US OPEN WEEKDAYS 8am – 5:30pm

Website

www.cybernetic-gi.com