Cyber crime is a growing concern around the world, with malicious cyber activity a genuine risk to Australian businesses.
By global standards, Australia is a wealthy country, making it a target for hackers.
Australia is consistently ranked in the top ten countries at risk of ransomware attacks. Within that, the hospitality industry ranks among the top ten targeted industries in Australia.
Recently, one form of malicious software that has come to light locally is called ‘PerfectData Software’, which is installed when a hacker hijacks a Microsoft 365 account.
This application is used by hackers to export a backup of the user’s mailbox, using the information for fraud or to sell on the dark net.
It has been discovered in several clubs in New South Wales. Most Australian clubs use Microsoft 365.
Hospitality venues are routinely targeted as they can be storing large amounts of personal data from guests and members, they may have open wi-fi available, which can be less secure, and they may use shared Microsoft accounts.
Along with this, there are often other unsecured points of entry, which may not be considered. For example, one American casino was hacked through a fish tank thermometer.
With the protection of data a critical aspect of business, it is vital to treat cyber security as seriously as physical security – if not even more so.
Using a reputable managed IT service will assist in monitoring for updates and threats, as well as looking for weaknesses in systems before they become a problem.
The Federal Government’s Australian Signals Directorate (ASD) is also an excellent resource, which provides help, resources and tools to safeguard against these threats.
In the ASD’s 2022-2023 Cyber Threat Trends for Australian Businesses and Organisations report, top tips include:
- Turning on multi-factor authentication for online services;
- Using long and unique passphrases for each account;
- Turning on automatic updates and acting on installation prompts as soon as possible;
- Regular backups;
- Being alert for phishing messages and scams.
Further information can be found on its Protect Yourself page.
In the face of escalating cyber threats, safeguarding businesses against malicious activities is not just a priority but a necessity.
Embracing robust cybersecurity measures, staying informed about emerging threats, and partnering with reputable IT services are crucial steps in fortifying defences against the growing menace of cybercrime.
Great article and cudos for discussing it.
Be aware that compromised suppliers are a risk that can make an attack extra hard to detect. For example, if a hacker gains access to a supplier’s email system and can send emails to you pretending to be someone you trust, you’re more likely to click any links or download any file attachments.
Always be alert to what’s happening in your emails. If links don’t look legit (e.g. dodgy, or contain typos) – don’t click and phone the sender on a verified number to confirm they really sent the message. If attachments don’t work or open, call your IT services provider promptly.