Cyber Security Starts with You!
According to the Australian Bureau of Statistics (ABS), more than two in 10 businesses (22 per cent) experienced a cyber security attack during the 2021-22 financial year, compared to almost one in 10 (8 per cent) in 2019-20. These cyber security attacks impacted businesses. According to the statistics, in 2021-22 alone, 34 per cent of businesses reported loss of time in managing cyber security attacks, 18 per cent reported downtime of service, while 17 per cent reported a loss of staff productivity.
Every time, individuals use internet they have a choice to make decisions related to their security and security of their businesses, employers, and country.
In October 2023, The Australian Prime Minister announced Microsoft will commit $5 billion for increased cyber defence for Australia against global online threats. The Australian Signals Directorate (ASD) and Microsoft will collaborate to improve joint capability to identify, prevent and respond to cyber threats, through the Cyber-Shield.
While the governments around the globe including the Australian Government are making efforts and investments to secure their nations, it is the citizens who play most important role in making these policies a success or failure. A cyber informed and smart citizen is the least expensive and most effective tool against cyber threats.
Major Cyber Threats
- Phishing: Phishing attacks use emails and malicious websites that appear to be trusted organizations, such as charity, banks to obtain user’s personal information e.g. date of birth, passwords.
- Malware: A computer can be damaged or the information it contains harmed by malicious code (also known as malware). A malicious program can be a virus, a worm, or a Trojan horse. Malware is used to leak private information, gain unauthorized access to information or systems, deprive access to information, or interfere with the user’s computer security and privacy.
- Identity Theft and Scams: Identity fraud (also known as identity theft or crime) involves someone using another individual’s personal information without consent, often to obtain a benefit. For example, identity fraud can result in someone using another individual’s identity to open a bank account, get a credit card, get a SIM reissued, apply for a passport or conduct illegal activity. Identity theft and scams are crimes of opportunity, and even those who never use computers can be victims.
The Australian Competition and Consumer Commission (ACCC) states that there were over 16,000 reports of identity theft alone in 2022 (ACCC 2023). Approximately six percent of these reports resulted in losses, which totalled over $10 million (ACCC 2023).
Best Individual Practices
People are arguably the biggest risk as cyber threat evolve to become international and sophisticated, however the people are also the first line of defence. The below best individual practices will not only keep you safe from cyber threats but also will play significant role in keeping your organisation and country safe as well.
1. Turn On Multi-Factor Authentication:
MFA also known as Two Factor Authentication, Two Step Factor Authentication and 2FA. MFA opts into an extra step when trusted websites and applications ask you to confirm you’re really who you say you are.
Instead of asking you for a password – which can be reused, more easily cracked, or stolen, multi-factor authentication adds an extra layer of security. For all the applications covering banks, financial and emails, turning-on multi-factor authentication is important.
2. Think Before You Click:
As the old saying goes, “if it is too good to be true, it probably is.” Scammers may pretend to be your bank, a friend. The message may claim it needs your information because you’ve been a victim of cybercrime. A link will take you to a webpage that looks like a legitimate website, but it’s a trick designed by the hackers to have you reveal your passwords, credit card numbers or driving licence information.
It may also start an automatic download of attachment. If something is suspicious in your inbox, do not click on the links and report it to the Cyber Security department.
3. Be Cyber Smart:
It is an individual who develops cyber secure thinking by staying aware of the later cyber trends, breach news and listening to the advice of relevant government agency. Being cyber smart is to make it contagious and to communicate the best practices within the circle of friends and family. This will help the inner-circle, community and society take smart and secure decisions.
4. Sharing Information on Social Media
Avoid sharing information (including photos) online that cybercriminals can use to identify you, manipulate you through a scam or guess your account recovery questions. This may include your:
- Birthplace and date of birth
- Address and phone number
- Employer and work history
- Where you went to school
- Any other personal information that can be used to target you.
5. Secure Information Disposal:
While it is important to keep the information for recall purposes and use it in future, individuals must think about the information disposal as well. 75% of the information will become obsolete in next 5 years, so it is important the information is disposed-off in a secure way. Habits like cutting the credit card, shredding the old bank letters, keeping a softcopy instead of hard one will protect key data about you and your family.
6. Reporting Incidents and Continuous Communications:
The trauma of cyber scam can be significant and lots of victims do not report the cyber breaches to the relevant government agencies. It is important for individuals to report such incidents so they can be protected against new scams. This also helps the policymakers to make speedy, impactful policies and legislations to counter these threats to community.
The employers and governments must also continuously communicate and consistently remind citizens of cyber dangers. This regular emphasise will improve the cyber awareness in society.
7. Software Version Management:
Individuals must only use authentic software and applications. The authentic software has a proper product roadmap which consider the cyber security landscape for future and evolve the product release accordingly. Whenever there is a prompt for software updates especially patches covering the security and privacy, these must be installed.