The financial services sector is often reported as being the most attacked industry in Australia, but a report from Dimension Data has found education now holds the crown.
With 26 percent of all attacks in Australia targeting the education sector, Dimension Data’s Executive Guide to the NTT Security 2018 Global Threat Intelligence Report has said educational institutions should be on “particularly high alert” in this region.
“Increased levels of attacks are likely due to the move towards more collaborative environments inside and among facilities such as universities, colleges, and schools,” the report explains.
“Open networks have become commonplace on Australian campuses, but that ubiquity makes them alluring targets for cybercriminals — especially since higher learning institutions often possess sensitive company and state information.”
Second to education is the technology sector, Dimension Data reports, accounting for 17 percent; finance, which has been the top of the most attacked industry list for many years in Australia, came in third with 13 percent.
The technology sector’s significant intellectual property is a prime target for competitive advantage, Dimension Data said, making the sector the second most attacked, globally.
“It’s in the top five across all regions, signalling a shift in adversary intentions,” the report says.
According to the report, the “rising technology adoption” of the financial services sector places it at “elevated risk”. It is still the most targeted, but not the most attacked sector.
The government sector accounted for 13 percent of total attacks, while manufacturing accounted for 12 percent.
Pointing to the launch of the Notifiable Data Breaches (NDB) scheme earlier this year, the report said the prospect of hefty fines is a wake-up call for cybersecurity investment, while the public embarrassment and brand damage when a breach is revealed is another.
“Forcing companies to disclose if they’ve been successfully attacked by cybercriminals is elevating the cybersecurity conversation to the board level,” the report notes. “The NDB Act will also spur more investment into security technology adoption, ensure the right balance and risk assurance, and reinstil customers’ faith.
“If your company isn’t yet dealing with security as part of its high-level strategy, we recommend making it an immediate priority.”
While Australia is a frequent target, it’s also a major source of attacks, according to the report.
In the last year, 57 percent of cyberattacks in the Asia Pacific (APAC) region originated from Australia, the United States, and China.
It was reported that 66 percent of attacks on the financial sector in APAC originated from Australia.
“These attacks are generally sophisticated and target services, applications, and web applications,” the report says.
Service-specific attacks topped the list of the types of attacks most commonly perpetrated in this region, with 28 percent; brute forcing followed, with 25 percent; application-specific attacks accounted for 14 percent; and further down the list with 4 percent was denial-of-service or distributed-denial-of-service attacks.
“This isn’t surprising, given Australia’s advanced adoption of technology,” the report continues. “It has many skilled technology professionals and countless budding ones. This assures that the country will remain a massive target — and continued haven — for cyberattacks.”
The report is based on global attack and incident response data gathered from NTT Security and supported NTT operating companies from October 1, 2016 to September 30, 2017.
The Office of the Australian Information Commissioner has received 63 data breach notifications in first six weeks of the scheme’s operation.
Although 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye’s Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.
South Korea and Taiwan also are on the top 20 list of global markets that saw the most bot traffic last year, while China was the third most common origin of malicious traffic, behind leader United States and Russia.
Almost half of companies across five Asia-Pacific markets view employees’ lack of cybersecurity awareness as the biggest threat, with 67 percent describing internal threat as a risk the organisation.
Data breaches can be chaotic and stressful episodes. Learn the most effective actions you can take to help plan for these turbulent events.