News Technology15 Jul 2019

Australia:Increasing socially-engineered cyber attacks demands greater protection


The first quarter of 2019 saw a 17% increase in cyber criminals using impersonation in phishing attacks primarily by imitating well-known brands, revealed new research from cyber security company FireEye which analysed 1.3bn phishing emails. This has stressed the need for organisations to engage in better training and education as well as insurance as a last line of defence.

The research report also said that “threat actors were doing their homework” and developing new variants of impersonation attacks that targeted new contacts and departments within organisations.

Almost a third of the 1Q2019 attacks involved Microsoft spoofs while others saw OneDrive, PayPal, Apple and Amazon being impersonated. Cyber criminals also impersonated CEOs and other senior corporate officers to request changes to bank account information.

According to the research, using HTTPS (hypertext transfer protocol secure) for malicious phishing sites saw a 26% surge in 1Q2019. This gives a false sense of security as there is a misconception that the protocol is only identified with legitimate and safe sites.

Another trend discovered in the research is hosting malicious files on cloud-based file-sharing sites such as Dropbox, Google Drive and OneDrive. This allows links to get through email filters as they do not look suspicious.

“Socially-engineered theft or ‘hacking the human’ is a trending exposure in Australia and globally today. Most breaches are caused by employees opening phishing emails that have already made it through existing technology defences,” said Emergence Insurance national head of sales Gerry Power.

In view of this issue, he said that social engineering advice was one of the most frequent requests from brokers seeking information for their clients. According to him, a cyber insurance policy is not the first line of defence even though it is part of every successful business’s risk management framework.

“Cyber insurance is designed to protect a business when its IT security, policies and procedures fail to stop an attack. But no amount of risk management can get you out of the sights of a determined cyber attacker,” said Mr Power.

Emergence provides cyber insurance for SMEs through to ASX-listed entities in Australia. It recently introduced a criminal financial loss cover option to provide cyber insurance protection for financial loss associated with a company’s business being hacked or a social engineering attack.

| Print | Share

Note that your comment may be edited or removed in the future, and that your comment may appear alongside the original article on websites other than this one.

 
Recent Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

Other News

C-Suite

more »

Life & Health

more »

Non-Life

more »

People

more »

Reinsurance

more »

Regional

more »

Regulations

more »

Risk Management

more »

Technology

more »

Product News

more »

About

News

Conferences

Products

Ins Communications Pte Ltd 69 Amoy Street, Singapore 069 888. Tel: (65) 6224 5583, Fax: (65) 6224 1091 | Copyright 2019 All rights reserved.