International cyber security expert warns Aussie businesses

International cyber security expert warns Aussie businesses | Insurance Business

International cyber security expert warns Aussie businesses
A global leader in cyber security has warned that Australian businesses must develop and implement plans for a cyber attack as hackers are targeting the country with more frequency.

Mikko Hypponen, chief researcher at cyber security firm F-Secure Corporation in Finland, told the Australian Financial Review that hackers are not only increasing their targeting of Australian businesses but also the sophistication of their attacks.

"The criminals have been targeting addresses and have a fairly convincing story," Hypponen said referring to phishing-style attacks that trick an unsuspecting user into opening an infected email and exposing their computer to hacking software.

Hypponen stressed that it is not only an isolated, computer-by-computer threat but once hackers gain access, they can infiltrate an entire business network and hold all documents ransom or release them online.

"It is worse for a corporate environment where the malware will mount everything it can see, so in a large corporate network it will encrypt not only the files of one user but everything that user's computer can see."

According to recent research, cyber attacks cost Australian companies over $2.5 million on average and with a recent number of high profile attacks, most notably on insurer Aussie Travel Cover, business across Australia need to assume the worst.

Deloitte Cyber Risk Services Partner Tommy Viljoen noted that Australian companies should take the attitude that they have already been attacked and transform the way they think about cyber security and risk.

“In Australia businesses need what we term, ‘actionable intelligence’. They need to transform how they think about cybersecurity - building ever more secure environments and ever higher firewalls no longer works.

“The cyber-criminals are already on the inside. Knowing what’s happening, and working on the basis of having already been attacked, and preparing for even more complex and often apparently ‘insider’ attacks to happen again, is what’s now needed. It is transformational.”