COVID-19 shining the spotlight on cyber-security

By David Willett, General Manager, IT Security, PEXA

While social distancing requirements and lockdowns nationwide have forced us to adapt, it’s been wonderful to see the collaboration and embracing of digital solutions within our industry, ensuring citizens can settle property in spite of the circumstances.

But as Australians continue to navigate this online phase, there’s a key area in which we must remain vigilant – our cyber-security.

A cyber-attack occurs every 39 seconds 1 . (Varonis)

Cyber security incidents cost Australian businesses an estimated $29 billion every year 2 . (Australian Cyber Security Centre)

In 2019, phishing was the primary method used by hackers to scam Australian businesses - almost doubling the losses experienced in 2018 3 . (ACCC)

Currently, individuals are spending less time in their offices and more time working remotely, with heavier reliance on “access anywhere” cloud-based services.

These tools provide teams and companies with great flexibility, enabling the transmission of information and documents on any internet-enabled device.

But while businesses safeguard their data with rigorous security measures, the work-from-home boom means employees are more likely than ever to be accessing potentially sensitive information on devices that do not have the organisation’s protective measures in place.

Have a strategy for which cloud services your business needs and ensure you have paid for enterpriselevel accounts (if possible) with your chosen services – ensuring you get the cloud provider’s full suite of protection.

Make sure your staff know what your preferred services are and take steps to ensure they use only these to manage your business or clients’ information.

Enable MFA for any solution you have that can be accessed anywhere on the internet.

Operate your company devices with a full suite of security protection deployed, including anti-virus, up to date operating systems and browsers.

Staying alert is even more critical in the COVID-19 climate, which is proving an attractive proposition for would-be criminals.

As recently as 19 June, the Australian Government informed the public it was responding to a sophisticated, state-based cyber-attack.

This targeted organisations across a range of sectors, including all levels of Government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure. In addition, the Australian Cyber Security Centre (ACSC) confirmed it has observed an increase in COVID-19 themed malicious cyber activity.

This is a period in which people are constantly seeking information – and this specific, heightened demand for COVID-19 updates is being preyed upon by criminals. The benefits of being able to work remotely and stay connected digitally are significant – but this flexibility must not compromise security.

With our workforce poised to become more digitally dependent in the months and years ahead, the COVID-19 cybercrime spike should serve as a timely reminder of the need to ensure duediligence.