  • Avantia Threat Update

TO APP OR NOT TO APP - THAT IS THE QUESTION!


This past week: the COVIDsafe app could use some fine tuning; Samsung smartphones’ 6-year risk; Google staff work from home till 2025; cyber resilience: doing more with less; Zoom brings end-to-end encryption to its platform; US Air Force launches cyber attack; cybercriminals haven’t given up on targeting healthcare; consumers are more ready than ever to walk away from companies that experience a data breach; and major breaches in CANADA, FRANCE, AUSTRALIA, UNITED STATES and GERMANY.


Dark Web ID Trends:

Top Source Hits: ID Theft Forums

Top Compromise Type: Domain

Top Industry: Education & Research

Top Employee Count: 11-50

________________________________________________________________________

DOES AUSTRALIA’S COVIDSAFE APP NEED SOME FINE TUNING?

The Australian Federal Government is facing criticism over delays in rectifying bugs and shortcomings with its COVIDsafe contact tracing app. Computer experts have voiced concern that, weeks after the app was launched, the Government has not addressed some problems people have encountered in downloading and using the app. In addition to well-known problems in making the app work effectively on Apple iPhones, users have also encountered issues downloading the app, registering for use and obtaining technical support.

Software engineer Geoffrey Huntley said one of the potentially most alarming yet easily rectified problems was that the app displayed the message "You have tested positive for COVID-19" when users pressed the 'Upload my information' button at the bottom of the main page. The issue came to public attention within days of the app's launch when a Melbourne woman described her panic after coming across the message. Mr Huntley said it would be simple to change the wording on the app to fix the problem and was concerned that an update was yet to be rolled out. He said there were a number of problems with user experience that were yet to be addressed, including blocked access to the app for people with offshore iTunes accounts, the necessity of having an Australian mobile number and the requirement that users have access to SMS in order to register. Mr Huntley said there was "no customer support" addressing these or other issues raised by users and those attempting to download the app and register for its use. "The government keeps talking about the number of downloads. That should not be the success metric. The metric should be how it is working," he said.

Chief scientist at the Optus Macquarie Cyber Security Hub, Dali Kaafar, said an even bigger problem was trying to make the app work with the Apple iPhone's iOS operating system. For the app to work properly, it must have uninterrupted Bluetooth access. But Professor Kaafar said an Apple iPhone security feature was to block Bluetooth for apps working in the background, essentially rendering COVIDsafe inoperative unless it was continuously in the foreground. Professor Kaafar said attempts had been made for Apple to issue an update to make an exemption for the app, but that now appeared unlikely. Instead, Apple and Google were working on a joint approach that may resolve the issue. Professor Kaafar said it may be that the app's developers were waiting on the results of this work before issuing a software update.

The Digital Transformation Agency, which helped develop the app, said it would be updated "as required". The agency said that any bugs or issues could be reported via the app or by emailing support@covidsafe.gov.au.

For information on COVID-19, please go to the federal Health Department's website.

You can also call the Coronavirus Health Information Line on 1800 020 080 (Aust only)

If you have serious symptoms, such as difficulty breathing, call Triple Zero (000)


SAMSUNG SMARTPHONES 6 YEAR RISK FROM SECURITY BUG - PATCH NOW

Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold by the manufacturer since 2014. On its Android security update page Samsung thanks researcher Mateusz Jurczyk of Google Project Zero for the discovery of the vulnerability that could – he claims – be exploited to run malicious code on a targeted device, without alerting the user. Such an attack, if successful, could result in a remote hacker gaining access to a wide variety of information, including a user’s call logs, address book, SMS archive, and so forth.

In a video posted on YouTube, the researcher demonstrates how the vulnerability could be exploited by a malicious hacker sending a boobytrapped image to the device via MMS. The poisoned file is a custom Samsung Qmage (or QMG) image that exploits a vulnerability in the image codec library code used on Samsung smartphones to overwrite memory and allow possible remote code execution. What makes such a vulnerability particularly concerning is the claim that it could be done without any user interaction: a “zero click” scenario where, for instance, a vulnerable phone merely generating a thumbnail preview for a notification message might allow an attack. And don’t assume that, even if no notification message appears, your smartphone would still play a sound when a poisoned message is received. According to the researcher, although his video’s proof-of-concept demonstration makes no attempt to be silent or stealthy, “after some brief experimentation, I have found ways to get MMS messages fully processed without triggering a notification sound on Android, so fully stealth attacks might be possible.”

According to Jurczyk’s write-up on the Project Zero website, the code used to handle QMG files is complex and so might not have been properly audited for potential security problems: “The complexity of the Qmage codec is very high — QMG files may choose from a wide range of different custom compression schemes, each of them handled by a lengthy and obscure decompression routine. There are dozens of functions with over 4 kB in length in the library, with the single longest function (QuramQumageDecoder32bit24bit) being 40 kB (!) long. This translates to tens of thousands lines of C code that likely have never been subject to much scrutiny in the form of a security audit or fuzz testing. I conclude this based on the fact that the code seems to be lacking any kind of bounds checking at any point of the file parsing, and it crashes instantly with almost every trivial modification to a valid test-case (e.g. when the dimensions of the image are slightly increased).”

There is some good news, however. Firstly, the vulnerability is specific to software that ships with Samsung Android devices since late 2014 / early 2015. That means if you’re using an Android smartphone from a different manufacturer you should not be at risk from this vulnerability. Secondly, Google Project Zero has not released its proof-of-concept code, preferring to release a video demonstration instead. That reduces the chances of someone taking the attack code and adapting it for their own malicious purposes against unpatched Samsung smartphones. Thirdly, Jurczyk says that a successful attack typically requires 50-300 MMS messages to be sent to the targeted device before it successfully bypasses some of Android’s built-in security measures. As such, an attack takes approximately 100 minutes (the actual length of time can depend upon a number of factors) to succeed. Finally, and most importantly, Jurczyk responsibly informed Samsung of the critical security vulnerability in January, but has delayed public disclosure of the issue until this week, giving time for the phone manufacturer to develop a fix (SVE-2020-16747) for its many millions of users.

GOOGLE EXPECTS ITS STAFF TO WORK FROM HOME UNTIL 2021

According to a Bloomberg report, Sundar Pichai, Google's CEO, told Google employees on Thursday to be ready to work remotely through October and possibly to the end of the year. Actually, a Google spokeswoman said most Google workers are expected to work from home until 2021. So, life's going back to normal? Not at this tech giant. Most every organization has been thrust into the future of work faster than prognosticators dared imagine.

It's not just Google. Facebook has also told its staffers that most of them can continue to work from home through the end of the year. Zillow, the online real-estate company, has also announced that its people can work from home until 2021. And Sagicor, a major Caribbean insurance provider, announced its employees would be working from home until 2021.

Texas, Georgia, South Carolina and other states are encouraging businesses to re-open. Businesses aren't nearly as optimistic as these governments are. A recent HR survey found 62% of employers plan on keeping people working from home until experts, not politicians, agree it's safe to go back to work. Some businesses are exploring reopening their offices but asking their employees to continue to work at home part of the week. By reducing the number of staffers at work at any one time they'll be able to maintain social distancing in the office. Andrew Hewitt, a Forrester analyst, thinks this is a good idea. "You bring people back in shifts, you stagger it. You certainly don't bring everybody together." Business leaders need to decide on who they absolutely must have in the office, and plan so as to reduce the health risk to everyone.

It's not just the office managers who've warmed up to people working from home. A Glassdoor survey showed "67% of employees would support the decision by their employer to mandate employees 'work from home indefinitely.'" Generally speaking, younger workers are more confident about this than their older counterparts: "68% of employees aged 18-34 reported being confident in doing their work remotely if they have to, compared to 44% of employees aged 55-64." Interestingly, "71% of employed parents with children under age 18 said that they feel confident they can efficiently do their job remotely." IT management is also OK with this new work-from-home model. An IDG survey found 71% say the coronavirus pandemic "has created a more positive view of remote workplaces." This is already making them look at "how they plan for office space, tech staffing and overall staffing in the future."

Global Workplace Analytics (GWA) thinks that, even after the novel coronavirus is finally corralled, many workers won't be returning to the office. GWA's President Kate Lister said, "Our best estimate is that 25-30% of the workforce will be working-from-home multiple days a week by the end of 2021." Why? Both because they've found 80% of employees want to work from home at least some of the time and, what's far more important, because managers and executives are finding their remote workers are, well, still working. Lister said: "One of the biggest holdbacks of remote work is trust—managers simply don't trust their people to work untethered. They're used to managing by counting butts-in-seats, rather than by results. That's not managing, that's baby-sitting. What's more, seeing the back of someone's head tells a manager nothing about whether that person is actually working. When clients ask 'How will I know if they're working?' I ask 'How do you know they are working now?'"

Moving ahead, as we get on top of the pandemic and enter the recovery phase, work may never be the same. Working from home may go from being an exception to the rule.


CYBER RESILIENCE: DOING MORE WITH LESS

It’s definitely not business as usual. Threat actors are taking full advantage of these uncertain times by launching a wave of new cyber-attacks, leveraging tactics such as phishing, ransomware, and credential stuffing. Ransomware attacks alone skyrocketed 148% in the past month, according to VMware Carbon Black threat researchers. At the same time, many organizations are being forced to downsize staff and delay planned IT security projects. Now more than ever, it’s important to focus on defense strategies that assure the biggest bang for the buck. So where should organizations focus to improve resilience while stretching their budget further?

According to ESG research, 62% of organizations were poised to increase spending on cyber security in 2020. In fact, 32% of survey respondents said they would invest in cyber security technologies using AI/ML for threat detection, followed by data security (31%), network security (30%), and cloud application security (27%). Obviously, these priorities have been turned upside down and the new normal requires a complete rethinking of traditional security strategies. To improve cyber resilience under the current conditions, it’s vital to focus on the effectiveness of security controls in the context of hackers’ tactics, techniques, and procedures (often called TTPs). This approach can help security leaders defend their operations against cyber adversaries in the face of reduced staff and budget cuts. The following five best practices, based on an analysis of threat actors’ TTPs, can improve cyber resilience without the need for more resources:

1. Establish Secure Remote Access… for Workforce and IT Admins. To remain operational, businesses were forced to shift to 100% remote working during the COVID-19 pandemic. While the initial focus was on workforce productivity to get employees up and running, organizations should now revisit their remote access deployments to assure that both employee and IT admin accounts, which hold the keys to the kingdom, are protected from threat actors. For example, super users should employ VPN-less access in combination with identity access zones, multi-factor authentication, and least privilege.

2. Avoid Taking the (Phishing) Bait. Ultimately, stealing valid credentials via phishing attacks and using them to access a network is easier, less risky, and more efficient than exploiting existing vulnerabilities, even a zero-day. Phishing emails have spiked by over 600% since the end of February, according to Barracuda Networks. As a result, cyber security defenses need to adapt to this reality. User education and beefing up an organization’s authentication systems are two essential steps that can minimize the risks associated with phishing and subsequent cyber-attacks aimed at data exfiltration.

3. Step Up Your Multi-Factor Authentication Game. Clearly threat actors are no longer “hacking in” to carry out data breaches. Instead, they are simply logging in by exploiting weak, default, stolen, or otherwise compromised credentials. Multi-factor authentication (MFA) remains the most reliable option for augmenting an organization’s existing access controls. Replacing and/or supplementing username and password authentication with MFA significantly raises the bar and costs for carrying out cyber-attacks, which is why its rate of compromise is close to zero. If you haven’t implemented MFA yet, it’s time to do so. Otherwise, you might want to consider hardening your security posture by increasing identity assurance levels as defined by the National Institute of Standards and Technology (NIST) Special Publication 800-63A.

4. Boost Your Infrastructure Immunity Against Ransomware. As mentioned above, ransomware attacks have spiked over the last two months and no relief is in sight. There is no broad-spectrum immunization against every existing variant of ransomware. However, following basic best practices, including implementing security awareness programs, backing up data regularly, and applying least privilege access, can minimize the organization’s exposure to the ransomware threat.

5. Enforce Least Privilege. When it comes to breaches, all roads still lead to the human element. In fact, Forrester Research estimates that 80 percent of security breaches involve compromised privileged credentials. It seems obvious that imposing better controls over the human element should lead to significant improvements in data breach prevention. For superusers and IT admins, least privilege access based on just enough, just-in-time privileged access management (JIT PAM) is a best practice. The concept of least privilege, whereby IT admins are only provided the needed level of privilege to perform a certain task for the amount of time necessary to perform it, is an antidote for many security incidents.

With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less. Focusing on identity as a security perimeter is an efficient and effective way to mitigate cyber-threats.


ZOOM ACQUIRES ‘KEYBASE’ TO BRING END-TO-END ENCRYPTION TO THEIR VIDEO PLATFORM

Popular communications platform provider Zoom Video announced that it has acquired secure messaging and file-sharing service Keybase for an undisclosed sum. The move is the latest by the company as it attempts to bolster the security of its offerings and build in end-to-end encryption that can scale to the company’s massive user base. “There are end-to-end encrypted communications platforms. There are communications platforms with easily deployable security. There are enterprise-scale communications platforms. We believe that no current platform offers all of these. This is what Zoom plans to build, giving our users security, ease of use, and scale, all at once,” Eric Yuan, CEO of Zoom, said in a statement. Zoom said it would offer an end-to-end encrypted meeting mode to all paid accounts.

Zoom’s popularity has skyrocketed as a result of the coronavirus outbreak, but that popularity has also attracted the attention of many cybersecurity experts, who have identified numerous security and privacy issues. Zoom’s popularity has also attracted hackers, who have been abusing security weaknesses to join meetings and make threats, show pornographic images, or shout profanities and other offensive messages. The company also came under fire when researchers discovered that keys used to encrypt and decrypt meetings were sometimes sent to servers in China, even if all participants were located in other countries.

In late April, the company announced a series of security improvements designed to address many of the concerns raised recently. The company also tapped former Facebook security chief Alex Stamos as an advisor, and has teamed up with Luta Security to revamp its bug bounty program. Zoom also created a CISO Council to advise Yuan on security, which includes CISOs from several companies, including NTT Data, HSBC, Ellie Mae, and Procore.

“This acquisition marks a key step for Zoom as we attempt to accomplish the creation of a truly private video communications platform that can scale to hundreds of millions of participants, while also having the flexibility to support Zoom’s wide variety of uses,” Yuan wrote in a blog post. “Our goal is to provide the most privacy possible for every use case, while also balancing the needs of our users and our commitment to preventing harmful behavior on our platform. Keybase’s experienced team will be a critical part of this mission.”


US AIR FORCE LAUNCHES CYBER ATTACK ON GPS SYSTEMS

The US Air Force reportedly launched cyber attacks on GPS systems early this year under a Congressional mandate, according to a source familiar with the news. However, the attack was launched by a team of experts from Booz Allen on behalf of the US Air Force against a digital replica of the satellites, not the original ones, and was intended to test the vulnerabilities of GPS systems. An official statement on the matter, released on March 26th of this year in Air Force Magazine (the monthly journal of the Air Force Association), confirms this and affirms the use of ‘Digital Twins’, conventional simulators which usually help in predicting engine performance and help train pilots with automated systems and emerging technologies before a flight.

Dubbed ‘SatSim’ and built by Booz Allen Hamilton Inc, the GPS simulator is designed to conduct penetration tests and vulnerability scans on trusted computing systems across GPS systems. This includes testing of ground control stations, satellites, and other radio frequency links. A team of experts is allowed to launch man-in-the-middle attacks on the communication links to track down the vulnerabilities and fix them in time, before any untoward incident takes place. Highly placed sources say that SatSim was built by Booz Allen Hamilton with the help of its 4 engineers, who then transformed it into a scalable suite of software testing simulators that helps validate cyber threats on GPS systems. Booz Allen says that such simulations, carried out at frequent intervals, help track down susceptible links between ground stations and satellites. This helps nations cut down costs in repairing satellite equipment if it is targeted by a state-funded actor, as all the risks and mitigation measures are already tabulated.

______________________________________________________________________________


THREAT FOCUS: Management and Network Service, LLC.  - UNITED STATES

https://enterprisetalk.com/news/management-and-network-services-llc-notifies-patients-of-data-security-incident/


Exploit: Phishing scam  

Management and Network Services, LLC.: Managed care provider 

Risk to Small Business: 1.479 = Extreme. Hackers accessed several employee email accounts containing patients’ personally identifiable information (PII) and protected health information (PHI). The breach, which occurred between April and July of 2019, wasn’t discovered until August 21, 2019. Although they haven’t detected data misuse, this extended duration could make it more difficult for victims to recover. In response, the company is updating its email security practices and implementing two-factor authentication to prevent a future incident.

Individual Risk: 1.716 = Severe. Patients’ personal information was compromised in the breach. This includes names, medical treatment information, diagnosis and medical details, insurance credentials, dates of birth, and Social Security numbers. In some cases, the breach also exposed driver’s license numbers, state identification card numbers, and financial details. Those impacted by the breach should immediately notify their financial institutions of the event while taking steps to ensure that their data isn’t used in other nefarious ways.

Customers Impacted: Unknown

Effect On Customers: Cybercriminals are capitalizing on the chaos of COVID-19 to send millions of phishing scams each day. Even one malicious message can have cascading consequences for your business, making employee awareness training a top priority for companies looking to keep their data secure. 

Risk Levels*:

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

*Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. To find out more call Avantia on 07 30109711 or Email info@avantiacorp.com.au



THREAT FOCUS: Storenvy Retail - UNITED STATES  

https://www.hackread.com/e-commerce-firm-storenvy-hacked-accounts-leaked/


Exploit: Unauthorized database access

Storenvy: Online retailer 

Risk to Small Business: 2.281 = Severe. Hackers gained access to a company database containing customer information. This database was subsequently downloaded and posted online as a free resource. Making matters worse, the database contained plaintext passwords and other personal data that can quickly be used by bad actors to execute cybercrime ranging from spear phishing scams to malware attacks. This is the company’s second data breach in two years, undermining its credibility at a critical time. Online shopping is experiencing a boon because of the COVID-19 pandemic, but customers are increasingly unwilling to do business with platforms that can’t protect their information.

Individual Risk: 2.779 = Moderate. The compromised data includes shoppers’ account passwords, order details, and payment methods. However, shipping and card information were not impacted. Victims should immediately update their account passwords, and they need to be mindful that the compromised data could be used against them in future cyberattacks.

Customers Impacted: 1,500,000

Effect On Customers: Both now and in the future, online retail is becoming the preferred shopping experience. This is a significant opportunity for many companies, enabling them to reach a bigger and broader audience than ever before. Unfortunately, for companies that can’t protect their platforms, many customers will take their business elsewhere.



Avantia Cyber Security & ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the world. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyse, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: Call 07 30109711 or Email info@avantiacorp.com.au



THREAT FOCUS: York University - CANADA

https://www.cbc.ca/amp/1.5555106


Exploit: Malware attack

York University: Academic institution

Risk to Small Business: 2.670 = Moderate. A cyberattack corrupted several of York University’s servers and workstations, forcing the school to take its remaining network offline to stop the spread. As a result, students and staff were unable to access remote learning applications and other digital resources. In addition, students who are upset by a lack of communication from the university are complaining to the media, inviting brand erosion and other long-term consequences.

Individual Risk: At this time, there is no evidence that personal information was compromised in the breach. However, users should carefully monitor their accounts and credentials for misuse or abuse.

Customers Impacted: Unknown

Effect On Customers: As many organizations move their operations online, testing the integrity of IT infrastructure is a critical component of ensuring a smooth transition. Of course, cybersecurity isn’t just a matter of convenience. In today’s regulatory environment, the risks of remote work make compliance a critical issue during this unprecedented time.



Avantia Cyber Security & Huntsman Digital Auditor to the Rescue: Helping SMEs to understand the importance of security is no easy task. With an ‘Essential8’ Digital Security Audit we offer a remote access, independent, ‘real time’ audit of our clients’ critical operational infrastructure systems to determine where the gaps are, with recommendations for remediation. It’s the first step to real cyber security. Call Avantia’s office on 07 30109711 or visit: https://www.avantiacybersecurity.com/cyber-security-audit


THREAT FOCUS: Tarkett - FRANCE 

https://in.reuters.com/article/tarkett-cyber/french-company-tarkett-hit-by-cyberattack-shares-fall-idINKBN22G0KR?&web_view=true


Exploit: Ransomware 

Tarkett: Floor and wall covering producer  

Risk to Small Business: 2.117 = Severe. A cyberattack has disrupted Tarkett’s operations, causing its shares to plummet. The attack, which occurred on April 29th, forced the company to disable its information technology systems and to implement other defensive measures to protect employee, company, and customer data. In response, the company has hired a third-party cybersecurity team to restore operations, but the expense triumvirate, including recovery, reputation, and share costs, could be significant.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: Tarkett has hired cybersecurity experts and has notified its cyber-insurance provider, but these measures won’t make their problems go away. Shareholders are recognizing the immense negative impact of a ransomware attack and bailing on the company, which has a long, arduous recovery ahead. Rather than waiting to respond to an attack, this incident, and hundreds like it, should encourage every organization to re-examine their defensive capabilities with this threat in mind.



Avantia Cyber Security & Passly to the Rescue: With Passly, get the secure identity and access management solutions that you need to protect your systems and data in today’s remote work landscape at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage. Find out more by phoning Avantia on 07 30109711 or click the link to get started: https://www.avantiacybersecurity.com/overwatch

THREAT FOCUS: Fresenius Private Hospitals - GERMANY    

https://krebsonsecurity.com/2020/05/europes-largest-private-hospital-operator-fresenius-hit-by-ransomware/


Exploit: Ransomware 

Fresenius: Private Hospital operator

Risk to Small Business: 1.751 = Severe. A ransomware attack has disrupted many of the company’s operations. Although patient care continues, this attack is especially problematic as the healthcare provider is playing a crucial role in the COVID-19 pandemic with a deluge of patients presenting with the virus. The incident is emblematic of a broad uptick in healthcare-related cyberattacks, and it serves as a reminder that, in 2020, quality patient care includes comprehensive cyber-readiness.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: Ransomware attacks are a persistent and expensive threat to every organization. Ensuring that your defensive posture is equipped to handle this problem is critical to thriving in our current digital environment.



Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defence against cybercrime. To find out more call Avantia on 07 30109711 or Email info@avantiacorp.com.au

THREAT FOCUS: Federal Department Of Home Affairs - AUSTRALIA

https://www.infosecurity-magazine.com/news/breach-exposes-data-of-774k/


Exploit: Unsecured database

Home Affairs: Australia’s Security screening department.

Risk to Small Business: 2.157 = Severe An unsecured database exposed the information for hundreds of thousands of users who uploaded their information to a department form for skilled workers looking to migrate to Australia. The breach compromised peoples’ personally identifiable information for an at-risk population. The breach is especially untimely because the Australian government is asking people to trust its cybersecurity and data privacy acumen by downloading a COVID-19 tracing app that relies on peoples’ sensitive personal data. It’s a reminder that brand reputation and cybersecurity are inextricably linked, and companies that care about the former will prioritize the latter.  

Individual Risk: 2.285 = Severe. The exposed database included users’ partial names, ADUserIDs, age, country of birth, marital status, and desired application outcomes. It applies to applicants as far back as 2014, and it could be used to execute additional cybercrime or instances of fraud. Those impacted by the breach should carefully scrutinize incoming messages while also being aware that their data could quickly spread on the Dark Web where cybercriminals use that information for a variety of malicious purposes.

Customers Impacted: 774,326

Effect On Customers: This week, the Australian Government is asking citizens to download the CovidSafe app, a contact tracing app that can help deter the spread of the novel Coronavirus. Unfortunately, as we detail at the end of the newsletter, consumers are increasingly unwilling to work with platforms that can’t protect data. In this case, preserving consumer trust may be an actual matter of life or death, and, for many organizations, their survival in today’s digital landscape is likely predicated on their ability to protect their data.


Avantia Cyber Security & Passly to the Rescue: With Passly, get the secure identity and access management solutions that you need to protect your systems and data in today’s remote work landscape at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage. Find out more by phoning Avantia on 07 30109711 or click the link to get started: https://www.avantiacybersecurity.com/overwatch

______________________________________________________________________________


POSTSCRIPT:


Consumers Seek New Options After a Cyberattack    

While many organizations are focused on the bottom line during the COVID-19 downturn, cyber-readiness must be considered as a critical piece of the puzzle. According to a recent consumer survey, today’s customers are placing a high priority on cybersecurity, often requiring it as a prerequisite for doing business. For instance, 90% of those surveyed consider a company’s trustworthiness when deciding to purchase a product, and nearly 60% indicated that they would avoid doing business with a company that experienced a cyberattack in the past year.  When cyberattacks cause a service disruption, 37% of survey participants indicated that they would switch to a competitor, and 66% were prepared to leave if operations weren’t restored within three days. The survey results were especially problematic for financial service providers and communications products, two industries that consumers are readily prepared to abandon in the event of a cybersecurity incident. The global survey that included shoppers in North America, the United Kingdom, France, and Germany found that consumers overwhelmingly feel that businesses aren’t doing enough to protect their information. 80% of respondents noted that they shared negative ransomware-related brand experiences with family, friends, or colleagues, accelerating brand erosion and piling on to the long-lasting implications of a cyberattack. For companies navigating an already harsh business environment, it’s clear that customer retention may be contingent on their ability to defend their networks from an ever-evolving threat landscape.


Cybercrime Increased by 300% Since COVID-19 Pandemic Began  

By now, many organizations are well aware of the increase in cybercrime since the COVID-19 pandemic began. The number of phishing scams has soared, and popular virtual meeting platforms (like Zoom) have endured cybersecurity shortcomings, among other problems. A report by the US Federal Bureau of Investigation (FBI) has quantified the increase in cyberattacks, detailing that the number of reported cybersecurity complaints has increased by more than 4,000 since the pandemic began. The information comes as tech platforms have similarly quantified cyber threats related to their platforms. Google says that it’s blocking 18 million COVID-19 phishing scams each day, and the US Federal Trade Commission (FTC) has recorded 18,257 fraud complaints related to the Coronavirus, collectively causing US$13.44 million in losses. These numbers are a reminder that companies need to remain vigilant about addressing the most pressing threats, especially phishing scams, during the pandemic. However, agencies are also speculating that the significant uptick in cybercrime could be the result of an as yet undisclosed data breach, which means that companies need visibility into the Dark Web where stolen credentials or other information could be used in upcoming attacks.

Disclaimer*:

Avantia Corporate Services Pty Ltd T/A Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cyber security information to us in real time. Given their international focus and experience in the cyberspace arena we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2020* Avantia Corporate Services - All Rights Reserved.

Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd, Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

AUSTRALIA.
