{"id":6320,"date":"2021-09-02T22:58:49","date_gmt":"2021-09-02T22:58:49","guid":{"rendered":"https:\/\/contentsecurity.com.au\/?p=6320"},"modified":"2021-09-03T05:10:00","modified_gmt":"2021-09-03T05:10:00","slug":"ransomware-phishing-and-compromised-credentials","status":"publish","type":"post","link":"https:\/\/contentsecurity.com.au\/ransomware-phishing-and-compromised-credentials\/","title":{"rendered":"Ransomware, phishing & compromised credentials: perpetual cyber security hurdles"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The Office of the Australian Information Commissioner\u2019s (OAIC) most recent Notifiable Data Breach (NDB) report reveals that phishing, ransomware and compromised credentials remain the top successful vectors for attack. How are businesses to regularly protect against these persistent cyber security threats? \t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

Report overview\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The OAIC\u2019s January to June 2021 NDB report<\/a> showed an overall decrease of 16% in breach notifications compared to the July to December 2020 period. As per usual, malicious attacks were the leading source of data breaches (65%), followed by human error (30%) and system fault (5%).<\/p>

After three years of the NDB report, it is no surprise that health service providers reported the highest number of breaches, accounting for approximately one fifth of all notifications. Finance notified 13% of all breaches, and the Australian Government remained in the top five industry sectors for the second consecutive report, with approximately 7% of notifications.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t

Breach sources\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

While the breakdown of breach source varied across each industry sector, 66% of criminal attacks were the result of cyber incidents and 34% could be owed to rogue employees, social engineering\/impersonation, and theft of paperwork.<\/p>

Over half of cyber incidents involved external threat actors gaining access to accounts using compromised or stolen credentials, with email-based phishing increasing by 5% in the last reporting period:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"ransomware\"\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Figure 1. cyber incident breakdown – all sectors, oaic notifiable data breach report january-june 2021<\/h6>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\tData breaches arising from ransomware attacks also increased by 24%, jumping from 37 to 46 notifications. With the Colonial Pipeline, JBS Foods, Nine Entertainment and Kaseya attacks all occurring within months of each other, it\u2019s no secret that ransomware has been front of mind for cyber criminals and cyber defenders alike. \t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

Unfortunately, phishing, compromised credentials and ransomware are here to stay \t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

With great results yielded for cyber attackers, it\u2019s evident that these threat vectors will be perpetual mountains to climb for years to come. We\u2019ve seen them cripple businesses time and time again, and it\u2019s time to recognise that these are chronic, long-lasting issues that call for continuous protection.<\/p>

What the NDB report shows us is that having the right controls in place is nothing without having the right knowledge to back it up. While malicious incidents consistently comprise the majority of breaches in the reports, the role human error plays in both criminal attacks and internal breaches should not be downplayed.<\/p>

As Australian Information Commissioner and Privacy Commissioner Angelene Falk reminds us, \u2018human error remains a major source of data breaches. Let\u2019s not forget the human factor plays a role in many [malicious] cyber security incidents, with phishing being a good example.\u2019<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t

Phishing, compromised credentials and ransomware are not mutually exclusive<\/h2>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

As Proofpoint\u2019s 2021 State of the Phish Report<\/a> shows, successful phishing attacks lead to more than just data loss \u2013 the results are more often than not ransomware, credential compromise and other malware infection:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"ransomware\"\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
FIGURE 2. IMPACTS OF SUCCESSFUL PHISHING ATTACKS, PROOFPOINT 2021 STATE OF THE PHISH REPORT \t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

If nothing else, this truly emphasises the need for greater staff security awareness training, with a focus on phishing, as well as:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t