The basic defense trifecta smart businesses are deploying in 2020

2020 is going to be a game changer.

Businesses globally are looking to streamline operations and get an edge to stay ahead of the competition.

Savvy leaders will make sure their attention always remains on their core goal.

This includes keeping an eye on their core offering and making sure they nail delivery on all elements of their business.

It also means ensuring they keep costs down and sales up.

Highly effective business leaders take foundational steps to make sure business interruptions are minimal at all times.

Owners and decision makers of large scale manufacturing businesses through to highly sort-after local dentistry practices are always well positioned when planning is considered and risks to the business addressed early.

In 2020, cyber security remains a real threat to every Australian business.

Businesses looking to be well positioned in their cyber security defences work towards three main elements.

Cythera Services Manager Ben Cuthbert explains with his three top tips.

Watch as Cythera’s co-founder and head of Security Operations Ben Cuthbert shares his top three tips for defending against cyber attacks

TIP #1. Update your software. Now.

“First of all. Patch,” said Ben. “A lot of people disable software updates or hit the ‘remind me tomorrow’ button on software updates for months on end.”

“Operating system vendors are not just putting out new features or updates, they are often putting out urgent software patches and software fixes.”

“Be more disciplined in terms of keeping software up to date and keep your laptops and operating systems patched.”

TIP #2. Two Factor Authentication.

“A lot of the attacks we’re seeing are based on credential stealing attacks or phishing attacks. One way to try to thwart that is by adding two factor authentication.”

How does multi factor authentication work?

“You enter in your username and password and you have to add in something else such as a code sent to your phone or you need to hit approve within an application,” states Ben.

“It is just another way to validate that it is really you performing an action rather than someone that has stolen your account.”

TIP #3: Upskill your team

“Trying to upskill your staff is the third really big one,” Ben says. “Running a cyber security awareness program or having cyber security awareness as part of your onboarding for staff educating them on cyber security topics.”

Ben Cuthbert is Services Manager of Cythera, with a leadership team comprised of industry veterans with backgrounds as highly successful entrepreneurs, Tier 1 telco and IT security vendors.

Ben and the Cythera team are passionate advocates with a belief in the criticality of effective cyber security solutions for businesses of all sizes.

Find out more on the Cythera Security Platform.

Making enterprise security defences available to every Australian business

Well-known IT leader Euan Prentice has two missions in life. To visit 100 countries by the age of 50 and to ensure that every single Australian business has access to the same level of cyber security protection.

“Having a purpose attached to an IT company is actually a really enjoyable thing,” said Euan.

“I fundamentally believe that cyber security threatens all Australian businesses and should be affordable to all Australian businesses. That just hasn’t been the case in the past.”

With Cythera bucking the trend by bringing affordable, class-leading cyber security solutions to Australian businesses, Euan’s second mission is looking on track.

“Cythera exists to help Australian businesses protect themselves against cyber-attacks,” said Euan.

“Everybody faces the same threats today equally. Whether you are a dentist, a medium sized manufacturer or a large bank. You are subject to the same problems universally.”

Watch as Cythera Co-Founder and Director Euan Prentice shares why he believes in making enterprise security defences available for every Australian business.

Sitting within Cythera’s Melbourne Headquarters, Euan sheds light on the highly complex architecture that underpins the security efforts that Cythera deploys for clients.

“I think people enjoy dealing with Australian businesses located in Australia,” said Euan. “And staffed by Australians.”

Euan Prentice’s formal background was in law and mathematics however believes that IT has always been a hobby and therefor it has been his career.

“I have done it for over 20 years in a variety of roles from Project Management to Account Management and running and owning businesses.”

Euan previously co-founded the highly reputable and successful company O2 Networks with leading cyber security expert Craig Joyce.

“O2 Networks was an incredibly successful IT networking and security consulting firm. We went to large clients and advised them on how to build robust networks that were secure.”

“What we wanted to do was bring those skills to all Australian businesses. Not just the big ones.”

Euan Prentice is passionate about all things technology. From FinTech to Cyber Security, Euan has a proven track record of building highly reputable and successful IT companies.

Euan leads the passionate team at Cythera, known for their role as passionate advocates with a belief in the criticality of effective cyber security solutions for businesses of all sizes.

Cythera understands the challenges local businesses face protecting their business from cyber threats and has built Cythera from the ground up to support businesses to meet these demands.

Read more on Euan and the Cythera leadership team.

Security Operations head shares some of the common cyber threats facing Australian businesses.

Australians tend to be humble when it comes to announcing achievements to the world.

It’s our point of difference and what makes us so damn likeable. We’re sure of it.

Less time boasting and more time just getting the job done. That’s the Australian way.

When it comes to communicating how good Cythera is at helping Australian businesses stay ahead of cyber security threats, we know that it is one of those things that needs to be shouted from the rooftops.

The reason is, Cythera helps Australian businesses defend against cyber-attacks.

Co-Founders Craig Joyce and Euan Prentice are two of the minds behind the highly successful O2 Networks. They are the go-to experts for Australia’s leading IT businesses and have made a career out of doing what they enjoy.

When they set to work developing their next project to protect Australian businesses, they wanted to work with the best.

In steps Cythera Services Manager Ben Cuthbert.

Ben is that approachable guy who just gets it. In phone or in person, you know straightaway your business is in good hands.

When you’re starting a cyber security business from the ground up, getting him set the tone on how it needs to come together with his experience in security is the right move.

Watch as Cythera Services Manager Ben Cuthbert shares some of the common cyber threats facing Australian businesses.

“Before coming to Cythera to kick off the business, I have been working for Silicon Valley based companies for the last 14 years,” said Ben. “F5 Networks, BlueCat Networks and my last stint was with Palo Alto Networks, helping customers at the larger end of town such as banks and government agencies deploy complex security architectures. To be able to take it to Australian businesses has been really exciting.”

Ben is responsible for building the security capabilities that Cythera delivers as well as running the security operations team.

“This is our people watching our customers environment, responding to alerts, responding to incidents and helping to roll technology out.”

“Part of our role is about educating customers and helping them on their journey to reduce their risk and protect their business.”

When to report a cyber incident.

“Everything from traditional viruses, malware and ransomware has become really prolific. We see a lot of people who come into the office on a Monday and someone has downloaded something and suddenly no one can log into computers within the network.”

“You can imagine if you are a small or a medium business with 100 employees and no one can log into their machines and can’t service their clients or can’t take payments. You can imagine how quickly that would shatter your business.”

“We see a lot of phishing attacks where someone gets sent an email asking them to log into something like Office 365 or Dropbox. They get their credentials stolen,” said Ben.

“We’ve seen a lot of incidents lately where attackers have got access to invoices and they have edited the invoice and resent them to clients with different BSB and Account numbers. If you are a small or medium business that can really effect your bottom line.”

Ben is head of security ops and services at Cythera, with a leadership team comprised of industry veterans with backgrounds as highly successful entrepreneurs, Tier 1 telco or IT vendor providers.

Ben and the Cythera team are passionate advocates with a belief in the criticality of effective cyber security solutions for businesses of all sizes.

Read more in some of Ben’s recent blogs

Cythera Co-Founder and Director Craig Joyce shares why he stands for Cyber Security in Australia.

Craig Joyce has a strong reputation for his work in providing senior leaders in Australia with counsel on all matters relating to IT.

Craig has helped countless businesses thrive under varying conditions and across manufacturing, retail and technology sectors, also lending his focus to new businesses that need the right IT tools and advice to grow.

As one of the minds behind the highly regarded O2 Networks, Craig has spent his career taking on challenges in the IT industry and shedding light on the complex cyber security issues that businesses face every day in Australia and around the globe.

“The important thing with starting any business is understanding what it is you are setting out to achieve,” said Craig.

“We stand for cyber security and we are out there to protect our customers. That whole approach of thinking closely around what you would need to protect your own business and what type of services you would want to consume is a really good launching position into figuring out what you think you would need to appeal inside the market.”

Find out more on the Cythera Protection Platform

“We have spent a lot of time looking at the technologies and the cyber security landscape and the threats that are out there and we’ve tailored our solution set to meet those requirements. Also, at the same time we’ve really focused very much on ignoring what’s come before and thinking where things are going in the future so that we know our platform will stand the test of time.”

Two biggest threats to businesses in Australia

“The two biggest threats to your business are going to be attacks that are aimed towards your people and attacks that are aimed at the end point. It is important to have both of those at the forefront of your mind,” said Craig.

“How do you educate your users? How to you make sure their devices are secure? They are the most common forms of attack.”

“Last year, 75% of all attacks were aimed at individual users and behaviours of those users to launch those attacks.”

“Our whole business is based around being your eyes, so we will look at your security infrastructure, we will look at your business and we will identify threats and we will help you remediate any that may occur within your environment.”

“We are the one stop shop.”

Watch as Co-Founder Craig Joyce shares why he stands for Cyber Security in Australia.

Craig Joyce is Co-Founder and Director of Cythera, with a leadership team comprised of industry veterans with backgrounds as highly successful entrepreneurs, Tier 1 telco or IT vendor providers.

Craig and the Cythera team are passionate advocates with a belief in the criticality of effective cyber security solutions for businesses of all sizes.

Cythera understands the challenges local businesses face protecting their business from cyber threats and has built Cythera from the ground up to support businesses to meet these demands.

More on the Cythera leadership team.

Compromised business partners : How hackers catch you asleep at the wheel.

This week while on-boarding a new customer, before we could even start we needed to help them recover from a compromise they had received before coming to us.

A user had suffered a phishing attack and had their Office365 email credentials stolen. Email phishing is the act of sending emails purporting to be an entity (such as Google) or an individual (such as your CEO), often using a crafted email with graphics and text from legitimate emails included to fool users into entering login information or opening an attachment. The attacker can then use the stolen credentials to gain access to your organisation, or use malware the user clicks on to gain a control channel into your environment.

In this case, the malicious actor had utilised a common method to compromise a business; They had taken control of the email account of a trusted business partner, and had then sent our client an email with a Dropbox link purporting to contain a legitimate looking business proposal.

This method is highly successful because when we receive an email from a known or trusted user, we tend to bypass our usual scepticism and control when it comes to clicking links or opening files. In this case, our client actually replied to the email and asked if it was legitimate. He got a reply ‘Yes it is, I need you to respond to it urgently’. As the business partners email had been compromised, the hacker could reply themselves in an attempt to validate the email. The client then opened the file which prompted him to login to Office365 to access to file, and his credentials were then stolen.

So how can we better protect ourselves from these sorts of problems? Email filtering won’t always help here as the emails actually coming from a seemingly legitimate user. But secure DNS and web filtering (such as what we deliver with our DNSProtect and WebProtect portions of our protect platform), would have helped prevent the user from inputing their details into a phishing site by blocking the phishing page from displaying in the clients browser. Not reusing passwords across accounts is another good practice to limit your exposure to any compromise should it take place. Additionally if the Dropbox link had instead contained malware, ransomware or a remote access tool (commonly called a RAT to security operators), an endpoint protection agent such as MalwareProtect and EndpointProtect would keep you safe.

The changing face of IT security buying

Buying IT security can be a complicated process.

Today, there are literally thousands of security vendors who all claim to have the latest and most secure security product on the planet to help defend your businesses from cyber-attack. But which ones do you pick?

Businesses must work with technology partners, vendors and industry peers to make the best security technology decisions, but this takes time, money and plenty of people from all areas of your business.  To compound this problem businesses are confronted with countless industry terms, buzzwords and acronyms to make decision making even more complicated. Do you need a SIEM, EDR, MDR, EPP, NGAV, CASB, SOC, DLP or maybe even UBA?  What’s more, the security solutions can often be in search of a problem which may not exist in your business but because of slick, fear based selling tactics businesses can make poor security technology investments which don’t solve the most critical problems.

Businesses also face confusing information from technology partners and vendors who can claim they work in unison with other technology vendors under consideration. However, when you scratch the surface they don’t work in unison or can’t easily be integrated into a single cohesive solution.

Finally, businesses are now regularly seeking consumption-based procurement options for security technology. Options include per user pricing, monthly payment plans and annuity-based cloud licensing which avoids infrastructure obsolescence. Many of these options have been available for years with other IT solutions but for some reason security has lagged. As such, businesses are stuck with large, up-front capital investments which are infrastructure heavy and may struggle to defend against new and emerging threats for the duration of the designated investment period.

To help address these problems, the team from Cythera developed the Cythera Security Platform – Protection Bundles. The bundles utilise a combination of class-leading managed security technology to defend against common and advanced security threats. The bundles are cloud delivered, easy to set up and billed on a monthly basis, per user.  No longer do businesses need to complete complex, time consuming market assessments, technology testing and procurement processes. Cythera has already scoured the market for the best security technology, rigorously tested it in a production environment and developed an easy-to-consume, subscription based commercial model with low upfront costs.

Cythera has developed a platform which helps business save time, money and important resources while improving the security posture for the life of the subscription service.

For more information or pricing visit https://www.cythera.com.au/protection-bundles

How to securely remove MPLS from your network.

Businesses with multiple locations have been stringently handcuffed to costly, complex private networks such as MPLS for years. It’s been an unavoidable cost and it’s compounded if you operate in isolated areas throughout Australia.

 Even though MPLS is costly, it’s been extremely effective at securely transporting data around the world for decades. MPLS acts like a private toll road which ensures your information can travel securely from point A to B without crossing paths with anyone else’s information. On the downside, even though it’s a private road, MPLS can still get congested and there are speed limits in place to stop you going too fast. Businesses can increase the speed limit and add more lanes to the tollway but this simply pushes up the price. 

 Regardless, MPLS is fast becoming obsolescent. Many businesses are now utilising cloud applications like Office 365, Salesforce and 1000’s of other cloud delivered applications which can be accessed from any location using an internet connection. This has enabled employers to offer flexible working arrangements because employees can now access these applications from home or remote locations without an MPLS connection.

 There are security risks with this approach as hackers can get between users and unprotected internet connections with a well targeted attack. This is one of the reasons why businesses have been unwilling to completely remove MPLS or private networks when utilising cloud applications. 

Another reason is because the internet can’t provide guarantees around speed or availability. In other words, businesses are hesitant to push all corporate traffic including voice and video solely over an unmanaged internet connection.

 So where does this leave us? 

 Well, some businesses run a combination of networks including MPLS and Internet. Certain applications are delivered over the internet using VPN overlays, and others still use MPLS. This approach works, but it’s obviously tricky – especially when managing a sprawling application set and a conga line of security devices spanning data centres operated by your business and third parties. Business also need to establish various security policies for all the networks they operate.

 Cythera has a different approach which allows business to completely remove MPLS. It’s called Secure Network Fabric and utilises technology from Cato Networks. Secure Network Fabrics utilises intelligent SD-WAN controllers and a carrier grade backhaul network with points of presence across Australia and extending around the world to securely route application traffic. All you need is an internet connection. Secure Network Fabric includes a fully integrated, cloud delivered security stack including Next Generation Firewall (NGFW), Intrusion Prevention System (IPS) and detailed reporting to monitor performance and user behaviour. Secure Network Fabric is also optimised for voice and video and includes support for desktop and mobile users. 

 The Cythera Secure Network Fabric removes the need for an expensive, complicated MPLS networks whilst delivering enterprise-grade, unified security controls and granular network visibility.

 To find out more – visit https://www.cythera.com.au/secure-network-fabric

Learnings From The Trenches : Cyber Security Tips For Australian Businesses

We help a lot of Australian businesses out with security incidents, as well as recovering from hacks and breaches. Many of them can be attributed back to human error or poor security hygiene. I thought I would share some of my top tips to help you avoid a costly hack, or brand damaging breach.

Patch Patch Patch

This is an easy one. Operating system vendors don’t just release patches for new features, they’re also patching security vulnerabilities regularly. Keep desktops and laptops up to date and enable automatic updates wherever possible. Apply the same thinking to critical applications such as Microsoft Office (Vulnerabilities in Microsoft Office have risen 121 percent over the last 6 years ), to keep ahead of problems.

Enable Two Factor

Many successful cyber security incidents start with an account being stolen or ‘phished’. One way to help stop these attacks being escalated is to have a second factor of authentication beyond just your username and password. This means that even if an account is stolen, the attacker can have a difficult time accessing the second login which may be a token or application that runs on a users smartphone. Two factor can be enabled selectively such as when a user is outside your corporate network. Some 2fa vendors to consider are Authy https://authy.com/ and Okta https://www.okta.com/ .

Bake security into your culture and people

Cyber security is not just about technology and processes, it’s also about your people and the way they go about their day to day business. As a successful cyber attack can shut down your business or irrevocably damage your brand, It’s key that management and executive set a good example as this attitude then flows throughout the organisation. Ongoing cyber awareness training to make staff more conscious of potentially malicious behaviour will improve the cyber-hygiene of your business, with more mature organisations now also including cyber security training into staff onboarding.

Be Proactive

Accounts that are stolen or included in breaches often end up being sold on the dark web for use in other attacks. There are resources available for you to check if key staff accounts have been included in previous breaches. https://haveibeenpwned.com/ allows you to search for staff email accounts, and any that are discovered should have passwords reset and even enabling two factor authentication on.

Have a plan

There’s a common theme with many of the companies we assist with security incidents; They didn’t plan for one. They often have a health and safety plan, and even a terrorism plan! This doesn’t need to be war and peace, and can be a single pager on roles and responsibilities, as well as who to contact including any cyber security partners you work with to assist in responding to incidents. If you have any regulatory bodies or government agencies you liaise with make sure to include any reporting structures that may need to take place here. The Australian Office of the Information Commissioner has a good guide on data breach plans . Make sure you’re also familiar with the Notifiable Data Breach Scheme .

Engage a security partner

There’s lots of talk about the increasing skills shortage in cyber security. And let’s face it, cyber security is probably not part of your core business so you’re constantly going to be playing catch up with a rapidly changing landscape. By partnering with a cyber security specialist you’re also subscribing to the ongoing skills and herd intelligence to help you plan and protect your business and brand from being the next headline. Just make sure they’re a specialist and not someone who’s also trying to sell you phones systems and printers.

Australia’s emerging enterprises are facing the same security risks and suffering the same incidents the big end of town are, but with much less capability to respond and protect themselves from a rapidly changing space. By baking security into your businesses DNA, and partnering with strategic cyber security specialists, you’re setting yourself up for success.

EvilClippy and the rise of Office based malware.

Last month a cross-platform assistant for creating malicious MS Office documents, named EvilClippy was released.

It allows an attacker to hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools.

Attackers can now hide malicious code from anti-virus and macro analysis tools by leveraging undocumented features in the way macros are stored within an office file.

Macros are stored in Compound File Binary Format (CFBF) and EvilClippy uses a technique known as VBA Stomping to replace the compiled version of the macros with something malicious.

According to the creators of the tool it allows attackers to bypass all anti-virus solutions, however it’s worth noting that Deep Instinct’s VBA and Office deep learning models available since November last year prevent all threats produced using EvilClippy without requiring an update or cloud lookup. Anti-virus vendors cannot detect threats created with this tool statically and must update detection hash by hash (reactively) as samples are submitted by customers.

Certainly the name of the tool is a tongue in cheek play on the name of the old office97 assistant, Clippy, that proved universally unpopular with most users.

A full write up and download of the tool itself can be found on Outflank and GitHub.

Recent In the Wild Office/macros threats

Published below a list of hashes we have prevented at customer sites related to malicious office documents.

These include threats created using EvilClippy and word and excel droppers used in a number of campaigns, including, Emotet, Fareit, Lazarus, Lockergoga and Alcaul.

Again prevented statically with Deep Instinct’s November 2018 model.

Shift from Web based vulnerabilities to Office vulnerabilities

This data published by researchers from Kaspersky illustrates the pivot from browser based attacks to office doc attacks, which is an interesting trend.

FlawedAmmy Remote Access Trojan being dropped by Excel macros – Microsoft Security advise ‘DisableMacros’

This last week we are seeing another successful campaign that uses excel macros and digitally signed files to deliver a remote access trojan. Microsoft’s security team’s only advice remains to ‘disable macros’

Cythera’s managed Protection Bundles are designed from the ground up to help your business meet emerging threats such as these, and provide you with ongoing outcome based security.

doc
00ad2bfa421242f600edc04ff9ac01bd08850e35397f055bd88e252cecb5f6dd
0e0bc96e1e419eeb6a9f54578b3e0c4f27a75646c37f4e5e05bf7d1ff3211c34
1085636bb02300e9275a9a48befc7ab6b4e7b8df6354430058e87bd9198b53ea
10ccf633e11c7ac3627042c91b06c99f7d4011b97f8928c77cc18283ba8ebbac
11cabfcef490a268346b05713d8257abe6223987ff057351d7c9d2f54d8e7126
14a8b1823d188751fb9e437808b8ecad7c29bdb3c7dd6a0949e5c2851948626d
1747cc231ecf0f5f70838e319412e74ce548958dc8db5e626544b3babb56bd57
4236042697f72d0a788466203d7734fdb493cddb8c6de52f04fd25d917f1e5c8
4ff75466b5cfae00724f67f42c8bbbe1b06edcdfbdc175d60afbe8da9dca0a5e
7e37acc9eb2f54a57af4eb5f9287b220e172bfece705d250b5844363c14e8085
830483d5c82a7f8df6135e3e3db9a2d0242981da7928e04be4450f52ab24563c
8966f0144f3d85390bfd42d7183e0362a27d0a624f3b9975782ab2844ffbbfe4
913a4217ce0e5236ccf2d911977b5a7cc565d323085271ceb5492f4306bf6306
91977393c39a5e13ba5e5f4aa0b16342d4f9bb57b84b9e03ecbb1f79a3b479c3
9a051c20ad94254fd39327a39d7abfaf5fa6d8e29b2b876e4114645aa2afbe8e
a23dcebc35580e8d1cf3e5404ee62ff7fc1ec9d1d83c9ff469e60a100912b684
a2cb13a6e2fb1f290d52f4e0dbb57286832cfce1f8f7d77225d1d23c9b1b45fb
aec5a1d4b49711fec45139e54c9f7ff313e9488dc5d71a4127a61c8cd256ba2b
b57d08d70da6bc7c94af6e7abfbc2267b726b7166215187cd6249437b6583668
bdce87e14fac462355647a5edffc6cdb9518b395c30b3e4229345320f37033ad
c53fca82bf215c1f0f994d1d6c523ca47b57e204e7bf690688ab6944676752a3
c7062cafca86f5e66928ec7081c98962ba41f0b1b73eecddb278929eedd29ff5
cfcf648d9f4f6c888b5fbb5bcd9f0a0f4adfabc80412f1a134d1c5211515ba04
d21318282e6c8d888b686fb61d87891fff4df575a8a84ea1d2784c0445409cdc
dfcabffce9c3fb42e58aff39f38f325332f5219aa501799ea04735d2ecfd2d68
e17689eeda9d50c9e4549300cf91f10655ebe9d1c681f337ea175a78b55f6a0e
ed1f3491ef952692e422914b44fe532392569e82b2f60bc09e829ca40479695c
f0ca2bcc1a7e87af25e3608652e3fd60b7917dda6ec2d3959b1c900e02338866
f28f62f33ff6ea0d8d9708e54142e83603afe0bcdcf1206bca2f2dfa00e05b0c
fb0a2cba32b1774e4356ebc797ff78c5d148b3fd475f86b2f27f3b9ed9c17ff2
fcb9a3f1e47657b24395ed82d241768c2ce1db82e48a3f2eeaa15f890e00d5b5
xls
17c484ec8a7b39f13d6d06341f26942b80cce72c68d8b8781bc92b626d259549
1c0bb461a1e6ef4828099cbf9b4bc4295ccaf0658d2942162718808609d9023f
3e114876a826bcc3d316fde247e0318ca407a3d112be71e72419c662a341e4d0
73e34961788d6ec841db517b89181a01fd2f8b943921ee7e0dba0709dbdcdda3
761dd88f174641870d799241b95dbf6c8b410d0bc895f30e508a94a716e68427
7c80a0c687c12363ce9a6ecd853f7482c30fa3b21fca689f3317cebde09c0390
7f514641d85bdd829961214ad84b22ab85da69942fd08c7b4877357447297799
87e2dac622b380b6868411bb069b312a2706d2eadb047f58605bc041d949f440
948961ee4aaedab07897f8b85b44f22b24f7274544e092f9fb3ca6abf81ae4b5
9d9db5b5989a0fb87badb28f9fc8a176234ed635d09b0a7ccca8b330ef2f24b7
a75ca621267c58c9e8eb8b55b1ff5cce300730a02bee71f03185757c479fa9f0
b691bcc1f81d08063191b9d80717bbecfdae7ba83f1237e75b1d9e052685c21f
d1ed1008379f13d46d410adc34c886e8dd6624ffbdfeefe48e32f32954f210b8
f2ce43e8f451d32b98ff19814e856552cf384d3732b66a59e04f9000997d655d
f2d6f5ace027e74338fd74ea8ff642c6dcc5a80c59d0e2f0282522c14507ea31
evilclippy
1581b2159f11c04fa318be2b25f26cb35806243e1130b62bbe635ac7b67cf944
50b7e9d587ab58ffba9548b7dc3d3ccc95007f0d653707a28eddc25fe768201f
21c72137c2210301312edc954cca3fcbc91fffe85b8593264a435abeed37979e
e9c03dc432f00af0ecf825a714d56eb57b48fca4bccd1dc845e7ced61071f941
6066d2c77c86dcb0e802b0420b37aa8eabc0a8bd3d0e9b30aae6ced21080dbff
2e9111ce93f4a1aa0911bea14b6d37998d8f847b0d0b950204e7d25e265611d1
d2e479a6720dad2b9ff92d09a68242e8702d0c7b996bdfc84bb2820182fa19b0
e31f43f734443473bf2566d5a6f56a7a903813518d2a7735162fc008cce6d7d6
5b8c8dbf701d78d4edf4221a88e1fac0d2b9184c39bf6b1f29f8132156d0a4aa
357de9450813429f83ada806a4c60670fc5b50f8fcc2d2114e5f2715defc23ef
c351b23c7bdec9e1d0d0046ea0dc043a9f2c87e68293e68317435c11c6fd89db

Reporting A Cyber Incident

One common question we get asked by customers who have been on the receiving end of a cyber incident, is how to go about reporting the incident to authorities. Many of us are well aware of the avenues to take when we are the victim of common crimes like theft or criminal damage, but what’s less clear is how to go about reporting incidences of cyber-crime.  

Be it from phishing attacks that compromised user credentials to targeted ransomware attacks that sought to extort your business, reporting is an important part of the remediation cycle. Reporting allows authorities to document and report on the scale of cyber crime in Australia as well as provide you with assistance in investigation and potential later prosecution of attackers.

In the past there were a number of options available to report cyber crime. CERT and ACORN were the common ports of call, however in 2018 CERT was absorbed by the Australian Cyber Security Centre and, since the start of FY20, the Australian Cybercrime Online Reporting Network (ACORN) has been replaced by The Australian Cyber Security Centre’s Cyber Issue Reporting System.

To report a cybercrime today

Please report cyber crimes at the following URL: www.cyber.gov.au/report

Reports can be lodged on behalf of individuals or businesses operating in Australia (with a registered ABN) or government departments.

Note: If you have lodged an ACORN report in the past, this will not need to be resubmitted and will follow the previous path for investigation.

Why report cyber crime?

Reporting cyber crime is an important responsibility of Australian businesses and cyber professionals. The scale of cyber crime needs to be adequately reported upon and monitored to ensure that investments made by the government and its agencies are focused and concentrated on the Australian threat landscape.

Additionally, if customer or personal data is compromised during a cyber incident, you may have other obligations with reporting upon a breach as part of the OAIC’s Notifiable Data Breaches Scheme. This scheme applies to agencies and organisations that the Privacy Act requires to take steps to secure certain categories of personal information. This includes Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and many more. 

At Cythera we have a strong understanding of the various doorways open to businesses to investigate, remediate and report on cyber incidents including your business’ responsibilities with respect to mandatory data breach notification.  

If you believe your business is (or has) been impacted by a cyber incident we can mobilise quickly, work on your behalf to contain risk and provide a surefooted pathway to restoring your cyber security posture. Contact us on 1300 CYTHERA (1300 298 437) to discuss how we can help today.

By using this website, you agree to our use of cookies. We use cookies to provide you with a great experience and to help our website run effectively. You can read our cookie policy here.