Australia sees cyber attacks against finance industry more than triple


This year’s NTT Global Threat Intelligence Report (GTIR) is a stark reminder of the threats that can be caused by swift digital transformation that doesn’t adequately address current security threats. In 2020, we saw a significant shift to cloud services and hybrid environments, and this trend isn’t set to slow down in 2021 with Gartner predicting an 18.4% increase in cloud spend in Australia. Unfortunately, these infrastructure changes — coupled with the increase of sophisticated cyber-attacks — are resulting in loss of information, and significant damage to businesses and government throughout the country.

According to the report, globally, healthcare, manufacturing, and finance industries all saw an increase in attacks (200%, 300%, and 53% respectively), with these top three sectors accounting for a combined total of 62% of all attacks in 2020, up 11% from 2019. For Australia, the top attacked industries were finance (46%), education (26%), manufacturing (13%), public sector (8%), and technology (6%). Unsurprisingly, Australia’s finance sector continues to attract high levels of cyber attacks, with figures more than tripling from 2019 (13%), making it the most targeted sector in both the nation and globally.

John Karabin, Senior Director of Cybersecurity, NTT Australia NTT

This increased risk doesn’t boil down to just one reason, rather, it is a complex combination of a number of things — driven by the shifts in digital usage last year, along with a lack of resources and funding to improve security posture.

Why was the Australian finance industry targeted so heavily?

Attackers targeting the finance industry have three essential motivations: stealing data, modifying the data and committing direct financial theft. The Australian finance industry in particular, is generally perceived as a target-rich environment containing both personal and financial data.

With the country’s economic profile being more stable and wealthy than many, Australia increasingly became a key target for adversaries. The considerable online presence and increased activity, providing the perfect opportunity for adversaries to take advantage.

A further trend noticed globally was the rise of cryptocurrency miners. Coinmining malware infiltrating computer systems, taking advantage of the rising value of digital currencies, has become common and likely to grow as a threat.

However, we’ve already seen how resilient businesses are, with the speed in which they’ve bounced back and pivoted to a hybrid cloud model. Australia’s finance industry has a higher cyber maturity level (1.9) than the global average (1.84), but it’s critical that complacency doesn’t set in. As business evolves, so too must security practices.

The global increase in malware attacks

While malware is becoming more commoditised in features and functionality, it also became more diverse over the last year with the growth of multi-function malware. Cryptominers have replaced spyware as the most common malware in the world, but the use of certain variants of malware against specific industries continues to evolve.

Globally, worms appeared most frequently in the finance and manufacturing sectors. Healthcare was impacted by remote access trojans, while the technology industry was targeted by ransomware. The education sector was hit by cryptominers due to the popularisation of mining among students who exploit unprotected infrastructures. The crypto-currency market is a prime example, with cryptominers accounting for a staggering 41% of all detected malware in 2020.

Changes in operating models or adoption of new technologies present opportunities for malicious actors and with a surging crypto-currency market popular among inexperienced students; attacks were bound to happen. Now, as we enter a more stable phase of the pandemic, organisations and individuals alike must prioritise cybersecurity hygiene across all industries, including the supply chain.

In 2021, it’s critical that organisations focus on prioritising cybersecurity in business transformation, take the time to understand their environments and the risks in them, and embrace a security-by-design approach. This includes implementing advanced architectural approaches such as Zero Trust and Secure Access Service Edge (SASE). It also involves increasing the level of automation through the use of artificial intelligence and machine learning, and ensuring that hardware, cloud environments and applications are monitored and resilient around the clock.

Copyright © 2021 IDG Communications, Inc.