Subscribe below to receive our weekly Threat Updates straight to your inbox.

Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd,                    Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

  • LinkedIn Social Icon
  • Facebook Social Icon

© 2019 by Avantia Cyber Security. All Rights Reserved.

Disclaimer*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cybersecurity information to us in real-time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

Search
  • Avantia Threat Update

DRONE SWARM WARFARE IS COMING

Updated: Nov 24, 2019


Drone attacks and counter attacks are coming...... the technology is available right now

This Past Week the British Government moves to combat ‘weaponised drone swarms‘ of the future; Biometric scans raise privacy & security concerns; Email breach costs Chicago firm US$1.5million in fines by regulator; Chinese APT group attacks State Institutions in 6 Countries; Ransomware freezes Canadian Govt.’s IT Systems; Negligence compromises user data; Hackers attack digital points of sale; SME’s struggle to hire top cybersecurity talent and significant data breaches occur in FRANCE; CANADA; ITALY; AUSTRALIA and UNITED STATES*.

Known Customers Effected by Data Breaches reported in this Briefing

this past 4 weeks: 222,096,402 *


This Past Week’s Top Dark Web Trends*:

Top Source Hits: ID Theft Forums  Top Compromise Type: Domain Top Industry: Education & Research Top Employee Count: 501+ Employees 


'PEREGRINE FALCON STYLE DRONE SWARMS COULD DEFEND UK AIRPORTS:*

The British government has funded 18 anti-drone projects as part of its £2m push to stop a repeat of the Gatwick drone fiasco of 2018 – including a friendly drone swarm that will employ "peregrine falcon attack strategies" to down errant unmanned flying things. Among the ideas that have scooped up to £800,000 each in funding for further development are plans to use machine learning to train cameras and other sensors on what a small drone looks like to aid early detection, as well as direction-finding of 4G and 5G-controlled drones. In addition, one plan includes "low risk methods of stopping drones through novel electronic defeat or interceptor solutions". That is, jamming a rogue drone or flinging something into it to knock it out of the sky. One wacky firm is working on a counter-drone swarm that will use "peregrine falcon attack strategies". Funded by the Defence and Security Accelerator (DASA) the competition is intended to bulk out the British state's ability to KO unwanted drones at will, whether they're being flown near the country's second-busiest airport, dropping drugs into prisons, flying over sports stadiums and live-streaming fixtures, or anything else naughty you can think of. More seriously, the Armed Forces are increasingly worried about the threat from drones, as was demonstrated by the first ever landing of what the MoD now calls "aerial vehicle systems" aboard new aircraft carrier HMS Queen Elizabeth. DASA's David Lugton said in a canned quote: "The threat from UAS [unmanned aerial systems] has evolved rapidly and we are seeing the use of hostile improvised UAS threats in overseas theatres of operation. There is a similar problem in the UK with the malicious or accidental use of drones becoming a security challenge at events, affecting critical infrastructure and public establishments; including prisons and major UK airports." Around 90 bids were received for the DASA funding, said the organisation. Among the successful bidders were defence multinationals BAE Systems, Northrop Grumman, Thales and MBDA, all with various similar proposals for radar and sensor systems intended to pick up small drones, as well as privatised British defence research establishment Qinetiq, which is working on an electromagnetic death ray "hard kill for disrupting the UAVs' on-board electronics". Phase 2 of the competition begins next year, with the intent being to develop the 18 shortlisted ideas into something usable by military and police agencies alike. 


CONCERNS RAISED OVER PRIVACY AND SECURITY OF BIOMETRIC PROGRAM:*

An independent ethical advice group has raised concerns about the UK Home Office's £842m Biometrics program, which will store millions of people's highly sensitive biometric data, due to go live next year. In 2017 the Home Office tasked the National DNA Database Ethics Group to expand its remit to cover the use of forensic identification techniques, including facial recognition technology and fingerprinting in government. On Monday the Biometrics and Forensics Ethics Group (BFEG) released its first annual report dated 2017.  In it, the body expressed concerns over the Home Office Biometrics (HOB) program, designed to deliver "a unified biometric service for the government that is effective, adaptable, efficient, proportionate and lawful". The program consists of three main modalities: DNA; fingerprint identification; and facial recognition. During the year the working group said it identified a number of potential issues resulting from the program including:

- the complexity and risk associated with the transfer of data from one system to another

- the protection of the public when data was transferred

- whether the combination of datasets would result in individuals gaining greater access to data than was originally intended

- the sensitivity of both data and metadata

- ensuring that checks were not skipped, despite tight deadlines.

In its recommendations it said it would be "necessary to explore the aggregated implication" of interactions between the Home Office National Law Enforcement Data Program (NLEDP), the Home Office Biometrics (HOB) program, and projects to upgrade the Emergency Services Network and Automatic Number Plate Recognition system as "these may interact with each other in the future". In October the Home Office awarded US company Leidos a £300m, 10-year deal to connect the Home Office's legacy IDENT1 for UK police forces and law enforcement with the Immigration and Asylum Biometrics System (IABS). The report also recommended that the "public should be informed of the boundaries of the MPS [Metropolitan Police Service's] facial recognition trials project and its future uses. The MPS should be explicit, open and proactive in stating that it was not be used to gather intelligence covertly or to generate a soft watch list using social media." It also said a public consultation should be conducted, prior to the next scheduled custody images review [in 2020], to ascertain the views of the public in relation to the retention and use of custody images. Earlier this year researchers found MPS's use of facial recognition to be highly inaccurate and of dubious legality. There are now around 21 million shots of faces and identifying features like scars or tattoos in the custody image database. This includes images of people who haven't been charged with a crime because – unlike the UK's DNA or fingerprint databases – these images are only removed if someone requests it. "Future IT systems should allow for the centralised storage and automatic deletion of custody images. The retention regime governing these IT systems should be agreed prior to the development of new technology."


CHICAGO BROKERAGE FIRM TO PAY US$1.5M IN FINES FOR CYBER ATTACK LAPSES.*

The U.S. Commodities Futures Trading Commission (CFTC) said on Friday that a Chicago-based futures brokerage will pay a total of US$1.5 million for letting cyber criminals breach the firm’s email systems and withdraw $1 million from a customer’s account. Phillip Capital Inc (PCI) neither admitted nor denied the CFTC’s findings or conclusions, the CFTC said in a settlement with the firm. The case, which stems from a February 2018 phishing attack, illustrates the vulnerability of financial services firms to cyber attacks and how lapses in following procedures for responding to a cyber attack can spur trouble with regulators. PCI violated U.S. regulations by, among other things, failing to disclose the breach to Customers, the CFTC said. The penalty includes $1 million in restitution to the customer defrauded by the attack and a $500,000 penalty. In the attack, PCI’s information technology engineer received an email from a hacked financial security company account, then entered login details in response, not knowing that cyber criminals would receive the information. The criminals accessed employee email accounts that contained detailed customer information, the CFTC said. Irregularities in the email system appeared the next day, but the engineer, whom the CFTC did not identify, did not reset the firm’s main password or tell employees or managers about the breach for another day. On March 2, 2018, cyber criminals used information found in the emails to pose as a customer via another email and facilitate the transfer of $1 million to a Hong Kong bank. PCI, part of Singapore-based Phillip Capital Group, learned about the transfer three days later, when the defrauded customer called to ask why $1 million had been wired from its account. Employees did not consult or follow the firm’s security procedures after the attack, the CFTC said. The agency found that PCI’s chief compliance officer was not familiar with technology or cyber security and could not adequately evaluate whether the firm’s cyber security policies and training were adequate, the CFTC said. PCI has since notified customers about the breach and taken steps to improve its cyber security, the CFTC said.


CHINESE APT GROUP, CALYPSO, HACKED STATE INSTITUTIONS IN 6 COUNTRIES:*

A Chinese-speaking APT group, Calypso, has actively been targeting state institutions in six countries, hacking network perimeters and injecting a program to gain access to internal networks, according to a report from researchers at Positive Technologies Expert Security Centre. The researchers found that the hackers either exploited a remote code execution vulnerability MS17-010 or used stolen credentials. “These attacks succeeded largely because most of the utilities the group uses to move inside the network are widely used by the specialists everywhere for network administration,” said Denis Kuvshinov, lead specialist in threat analysis at Positive Technologies. “The group used publicly available utilities and exploit tools, such as SysInternals, Mimikatz and EternalRomance. Using these widely available tools, the attackers infected computers on the organisation’s LAN (local area network) and stole confidential data.” Research indicates the campaign is the work of an Asian group. In one attack, the malfeasants, who are believed to have originated in Asia, used PlugX malware, a signature of APT groups from China and some of the attackers inadvertently revealed their IP addresses from Chinese providers. Positive Technologies experts said the group used the Byeby trojan used in a 2017 SongXY malware campaign. Institutions in India were hit the hardest, followed by Brazil and Kazakhstan, Russia, Thailand and Turkey.


RANSOMWARE FREEZES GOVERNMENT I.T IN CANADIAN TERRITORY OF NUNAVUT. *

A malware infection has crippled the IT operations in the remote Canadian territory of Nunavut. An alert from the provincial government on Monday says that "all government services requiring access to electronic information" are being impacted by what they describe as a "new and sophisticated" infection. "Essential services will not be impacted and the [Local Government of Nunavik] will continue to operate while we work through this issue," Premier Joe Savikataaq said. "There will likely be some delays as we get back online, and I thank everyone for their patience and understanding." Fully recovering from the infection could be tricky for Nunavut, a remote area that covers much of the northernmost portions of Canada. The territory covers an area of more than 1.9 million square km, but has a population of around 36,000 people. While the Government did not say exactly which infection had crippled its IT infrastructure, a CBC report showed a copy of a ransom note that appears to be identical to that of the Dridex malware's DoppelPaymer ransomware module. The infection could also be a sign of a larger trend from ransomware operators towards targeting smaller Countries and Local Governments outside the USA. According to Emsisoft, that has been tracking attacks on US state and local governments, reported ransomware outbreaks in the US have been falling over the last few months, from a high point of 44 in July to 24 in each of August and September to 16 incidents in October. The theory is that, as Municipal and State Governments in the US wise up and improve their security, hackers have opted to go international in search of softer targets. "US entities are on very high alert, bolstering their IT and so are less likely to be comprised," the security biz said in a note to The Register. "Because of this, big game hunters are increasingly looking for opportunities in the other countries." Meanwhile, Nunavut has some company in Spanish media company Cadena SER, who this week was revealed by Spain's National Security Department to be one of a group of local companies to fall victim to a ransomware outbreak in that region.


THREAT FOCUS: Web.com Domain Registry - UNITED STATES *

https://www.scmagazine.com/home/security-news/data-breach/web-com-discloses-breach-affecting-customer-account-info/

Exploit: Unauthorized database access

Web.com: Domain name registration and web services provider

Risk to Small Business: 2.111 = Severe: An unauthorised third party accessed Web.com’s network, which compromised their customers’ personally identifiable information. The intrusion took place in August 2019, but IT personnel were not able to identify the breach until October 16th. Data breach notifications went out this week, but the significant detection delay will certainly compound the damage for both the company and its customers.

Individual Risk: 2.285 = Severe: The breach compromised names, addresses, phone numbers, email addresses, and service information. Security experts believe that the breach extends beyond Web.com and includes users of Network Solutions and Register.com. This information often makes its way to the Dark Web where it can be repurposed for additional cyber-attacks or identity fraud. Anyone impacted by the breach should scrutinise their online communications, as hackers will use compromised data to orchestrate spear phishing attacks.

Customers Impacted: Unknown Effect On Customers: Survey after survey reveals that customers are increasingly wary of doing business with companies that can’t protect their personal information. This reality is only exacerbated when companies are slow to detect or respond to security incidents. As a result, data security and response protocols are an integral part of doing business. In 2019, cybersecurity isn’t just for the IT department to consider. It needs to be a top-down priority that impacts every facet of the company.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID™ is the leading Dark Web monitoring platform worldwide. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyse, and proactively monitor for an organisation’s compromised or stolen employee and customer data. Schedule a demo today:  Call 07 30109711 (office hours)


THREAT FOCUS: sPower - UNITED STATES*

https://www.zdnet.com/article/cyber-attack-hits-utah-wind-and-solar-energy-provider/

Exploit: Cyber-attack

sPower: Renewable energy provider

Risk to Small Business: 1.444 = Extreme: sPower was the victim of a cyber-attack that brought down its services and disconnected its hardware from the electrical grid. Although the attack occurred in April, the details are emerging as part of a Freedom of Information Act filing by reporters covering the energy sector. Hackers were able to leverage a vulnerability in the company’s firewall that allows outside entities to access their network. The event could significantly harm the company’s reputation within the energy industry, impacting its ability to land future contracts and compete with other companies.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown Effect On Customers: Reputation management can mean the difference between earning the next contract and losing out to a competitor. In that regard, ensuring that your organisation’s most prescient threats are accounted for can help avoid the bad press and brand erosion that follow in the wake of a cyberattack. While every industry’s threats are unique, every consumer or collaborator wants the same thing: sufficient cybersecurity to meet the moment. Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: With BullPhish ID™ penetration testing of your network and ongoing Staff Training for your employees, we can provide an overview to our customers of the unique risks and available solutions, transforming the weakest links of an organisation into their strongest points of protection. Find out how you can get started with us here - Call 07 30109711 (office Hours) for a no obligation discussion.


THREAT FOCUS: City of San Marcos - UNITED STATES*

https://www.sandiegouniontribune.com/communities/north-county/story/2019-10-31/san-marcos-city-computer-systems-hacked

Exploit: Cyber-attack

City of San Marcos: Local government municipality

Risk to Small Business: 1.666 = Severe: Hackers accessed the city’s computer systems and restricted access to significant portions of their IT infrastructure. The attack, which began on October 24th, brought down email accounts and other communication services. As a result, messages sent to city employees were not delivered, though government facilities remain open. Recovering from the attack is proving especially difficult, as the services are still restricted for more than a week after the initial event. To prevent further attacks, employees are being asked to change their passwords and enable two-factor authentication on their accounts.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown Effect On Customers: Many cybersecurity vulnerabilities can be mitigated by adopting adequate preventative measures. For instance, using strong, unique passwords and two-factor authentication can prevent hackers from using stolen credentials to access accounts and dig deeper into your company’s IT environment. As the costs associated with breach continue to pile up, the ROI on implementing cybersecurity defence becomes easily apparent. Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue:   Helping our SME Customers understand the importance of security is no easy task. Training campaigns to educate employees, making them the best defence against cybercrime can have a marked impact on enterprise security. Call Avantia on 07 30109711 (Office Hours) for a no obligation explanation of how we can help you. 


THREAT FOCUS: Ontario Science Center - CANADA*

https://www.cbc.ca/news/canada/toronto/science-centre-data-breach-1.5338334

Exploit: Unauthorized database access

Ontario Science Center: Science museum

Risk to Small Business: 2.222 = Severe The Ontario Science Centre endured a data breach after an employee of a third-party contractor downloaded personal data from the museum’s newsletter subscribers. The breach impacts subscribers, along with participants in camp programs and birthday parties. Although the breach is relatively restricted, it will still drain resources from an educational institution with better priorities in mind.

Individual Risk: 2.428 = Severe: The breach includes names and email addresses, but other personal or financial information was not included in the event. Despite the incident’s limited scope, this information can still be valuable in the hands of cybercriminals, and those impacted must enlist in identity and credit monitoring to stay protected.

Customers Impacted: Unknown Effect On A Customers Business: How it Could Affect Your Customers’ Business: Third-party collaborations are a normal part of business operations for most companies, but cybersecurity standards need to be considered when entering into a partnership. For instance, even though the Ontario Science Centre wasn’t directly responsible for this data breach, the accountability will land squarely on their shoulders.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: Helping our SME Customers understand the importance of security is no easy task. Training campaigns to educate employees, making them the best defence against cybercrime can have a marked impact on enterprise security. Call Avantia on 07 30109711 (Office Hours) for a no obligation explanation of how we can help you. 


THREAT FOCUS: Sixth June Fashions - FRANCE*

https://www.bleepingcomputer.com/news/security/sixth-june-fashion-site-hacked-to-steal-credit-cards/

Exploit: Malware attack

Sixth June: Fashion online store

Risk to Small Business: 1.888 = Severe: Hackers infected Sixth June’s online store with e-skimming malware that is able to collect customer information at checkout. Despite the alarming nature of the attack, company leaders were slow to respond. Security researchers contacted Sixth June’s leadership team on October 20th, but the malware remained active five days later. This attack was especially covert as the hackers used a similarly registered domain name to disguise the malicious website. As a result, Sixth June customers were unlikely to discover malware without the company’s direct intervention.

Individual Risk: 2.142 = Severe: E-skimming malware attacks collect extremely sensitive personal information, including names, addresses, and payment information. While Sixth June hasn’t reported specific data compromised in this breach, any information that users provide at checkout is likely available to hackers. Those impacted by the breach should take every measure to secure their credentials, including notifying their financial institutions and enrolling in credit and identity monitoring services.

Customers Impacted: Unknown Effect On Customers: Although being the victim to a data breach is a nightmare for any business, it’s even worse when the response is slow or inadequate. Multiple cybersecurity experts have commented online and criticised Sixth June leadership for not responding to their warnings about the malware. The blowback for Sixth June could be immense. Regulatory consequences, reputational damage, and lost revenue will likely change the company’s trajectory going forward. Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue:  With BullPhish ID™ penetration testing of your network and ongoing Staff Training for your employees, we can provide an overview to our customers of the unique risks and available solutions, transforming the weakest links of an organisation into their strongest points of protection. Find out how you can get started with us here - Call 07 30109711 (office Hours) for a no obligation discussion.


THREAT FOCUS: Unicredit Finance - ITALY*

https://uk.reuters.com/article/us-unicredit-cyber/unicredit-hit-by-data-breach-of-italian-client-records-idUKKBN1X70HM

Exploit: Exposed database

UniCredit: Banking and financial services company

Risk to Small Business: 1.555 = Severe: UniCredit recently discovered an exposed database containing the personal information for millions of the company’s customers. Shockingly enough, the database had been accessible since 2015. This is the company’s third data breach in recent years, and it sent their share price down by 4%. The bank is spending a significant amount of money to update its IT infrastructure to prevent such an event in the future, but that is unlikely to alleviate the reputational damage and regulatory repercussions heading their way.

Individual Risk: 2.428 = Severe: The exposed database contains the email addresses and phone numbers for the banks’ clients. Hackers did not have access to login credentials, but that doesn’t mean that those impacted by the breach are out of the woods. Personal details can be used to facilitate additional cybercrime that can compromise even more sensitive information.

Customers Impacted: 3,000,000 Effect On Customers: The path to restoring customer confidence after a data breach is one that is not well-charted. However, companies are testing their customers’ limits when they endure multiple cybersecurity incidents. Each episode forces businesses to restart the restoration process. Knowing what happens to exposed or stolen customer data is the first step to a swift response that can revive customer confidence.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with our international Partners like Avantia Cyber Security to strengthen their security suite by offering industry-leading detection and alert services. Discover more: Call 07 3010 9711 (office hours) to see how Avantia can help you.


THREAT FOCUS: 7-Eleven - AUSTRALIA*

https://www.infosecurity-magazine.com/news/drivers-data-exposed-in-7eleven/

Exploit: Accidental data exposure

7-Eleven: Convenience store and gas station chain

Risk to Small Business: 2 = Severe: Australian customers using 7-Eleven’s app designed to help drivers reduce fuel costs were able to view the personal information of other customers after logging in to the platform. In response, the company brought the app offline to identify a suitable solution. The company later relaunched a repaired app several hours later, but the damage had already been inflicted.

Individual Risk: 2 = Severe: Personally identifiable information, including names, email addresses, cell phone numbers, and dates of birth were exposed. Only one customer reported accessing this data, but it’s possible that it was made available to many more, including bad actors who were aware of the vulnerability. It’s better to be safe than sorry, so it’s recommended that anyone impacted by the breach enrol in identity monitoring services to protect the integrity of their information.

Customers Impacted: Unknown Effect On Customers: This incident serves as a reminder that a simpler user experience should never come at the expense of data security. 7-Eleven app developers failed to identify a relatively simple flaw in their system, and this oversight will have untold consequences for their customer base and ability to innovate in the future. In other words, technological advancement and cybersecurity need to go hand-in-hand.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: It’s critical that your SME’s and all employees understand the importance of cybersecurity. With BullPhish ID™ penetration testing of your network and ongoing Staff Training for your employees, we can provide an overview to our customers of the unique risks and available solutions, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here - Call 07 30109711 (office Hours) for a no obligation discussion.


THREAT FOCUS: Exchange for Change - AUSTRALIA*

https://www.brewsnews.com.au/2019/11/01/brewers-hit-by-nsw-container-deposit-scheme-data-breach/

Exploit: Accidental data sharing

Exchange for Change: Coordinator of litter reduction program

Risk to Small Business: 1.666 = Severe: Exchange for Change inadvertently emailed invoices containing financial information to various competitors participating in the litter reduction program. The error has compounded public scrutiny of the program, which has had several problems in its rollout. While the company made clear that their network had not been compromised, the accidental sharing will have many of the same repercussions, including reputational damage and potential customer defections.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown Effect On Customers: Today’s companies face a litany of cybersecurity threats, so self-inflicted wounds are especially frustrating and problematic. Of course, human error isn’t just limited to accidental sharing. There are multiple threats that companies can diffuse simply by preparing their employees to be successful at this critical imperative. Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach

Avantia Cyber Security & ID Agent to the Rescue: Designed to protect against human error, BullPhish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defence against cybercrime. Find out how you can get started with us here - Call 07 30109711 (office Hours) for a no obligation discussion.


POSTSCRIPT:*

Small Businesses Struggle to Acquire Top Cybersecurity Talent *

Few institutions are at more risk of a cyber-attack than SMEs. Unfortunately, these same companies are struggling to compete with major corporations for the IT and cybersecurity talent that can keep their infrastructure and data secure.  In general, this trend reveals a growing chasm between escalating cybersecurity threats and the availability of affordable, qualified professionals who can defend against them. In Canada alone, it’s estimated that organisations will need to fill 3,600 cybersecurity positions alone, meaning that the market forces of supply and demand are inextricably working against SMEs with more modest budgets. Moreover, today’s cybercrime are becoming increasingly sophisticated and exponentially more expensive. For instance, credential stuffing and ransomware attacks often require specialised personnel to adequately defend against these threats. However, SMEs don’t have to bring all of this talent under their own roof. Instead, they can partner with qualified cybersecurity specialists (Like us!) to augment their capabilities and ensure their data security in a dangerous digital environment. Call us today on 07 30109711 (office hours) to find out how we can assist you at minimum cost.

Data Breaches Are Pushing SMEs Into Bankruptcy *

A recent survey by Zogby Analytics confirmed what many people already knew: data breaches are wreaking havoc on SMEs. In particular, the financial implications of a data breach are overwhelming their capacity and forcing them to take drastic action.  The survey, which questioned more than 1,000 small business leaders, found that 37% of SMEs that experienced a data breach suffered financial loss and 25% filed for bankruptcy. Ultimately, 10% of SMEs went out of business following a data breach. At the same time, leaders understand the threat. 88% of respondents indicated that their company was “somewhat likely” to experience a data breach, while nearly half believe that they are “very likely” to be the victim of data loss event. As today’s world continues to grow increasingly aware of the costs and prevalence of data breaches, the responsibility for leaders to defend against them has never been greater. If you want to survive don’t do nothing..... do something.





Disclaimer*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cyber security information to us in real time. Given their international focus and experience in the cyberspace arena we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the contents accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.


*COPYRIGHT 2019 Avantia Corporate Services - All Rights Reserved.

3,000,000