CFOtech Australia logo
Technology news for Australian CFOs and financial decision-makers
Story image

Phishing attacks are making a comeback

By Contributor
Tue 21 Jun 2022

Article by Exabeam CISO Tyler Farrar.

Phishing attacks are on the rise in Australia. First observed here in 2003, the rapid shift to digital services and eCommerce due to the pandemic has presented bad actors with a raft of new opportunities to attack the vulnerable.

No matter what approach or tool cybercriminals use to breach a network, they all have one thing in common: access. Compromised credentials are one of the most popular ways that adversaries penetrate a network, and are the reason behind 61% of breaches. Hackers can gain login information through a variety of methods, but phishing schemes remain the most commonly used and trusted method. Companies are aware of this fact, yet they continually fail at adequately protecting systems.

Phishing attacks are so successful because they rely on exploiting the common human element of trust. These attacks usually appear as a benign email message from a supposed colleague, or perhaps a leader within an organisation – someone in a position of trust, in other words. Other times they may appear to be from a recognised partner or end user.

However, through the fog of a carefully crafted message, a cyber adversary eagerly waits for a target to fall victim to their trap. Although phishing attacks are highly documented, it remains a serious and effective method of attack against non-security professionals. In fact, email-based phishing attacks have only gone up. In 2021, 86% of organisations experienced a successful phishing attack – up 36% from 2020.

One major contributing factor in the increase in email phishing attacks is remote work. Unfortunately, dispersed workforces carry corresponding security complications. During the past two years, the security perimeter has disolved and corporate networks have evolved from strictly on-premises to the cloud, enabling employees to work from anywhere around the world. It is important to note that remote/hybrid work has blurred the lines between personal and professional life.

To avoid phishing scams, organisations must invest in educating employees on recognising the early signs of phishing scams, how to differentiate phishing, and good cybersecurity practices. However, it is also essential that modernised solutions are implemented in place as a backbone of an organisation’s cybersecurity posture.

Staying cyber smart against competent criminals

Rather than retreating to legacy solutions and failed strategies, companies should rethink using proactive techniques for addressing cyber threats head-on. Human error is also frequently to blame for as many as 95% of data breaches. In this case, security leaders need to understand what constitutes a normal level of activity for their networks, and how to identify abnormalities that should be flagged for detection, investigation, and containment, in order to prevent any damage to business systems.

A recent example of why this visibility is important is the devastating SolarWinds breach, in which cyber criminals went undetected inside network systems for 6 months. This incident was a wakeup call to the cybersecurity industry, and one which hopefully drives people to take a proactive approach to cybersecurity. Cyber criminals can remain undetected on internal systems for months if adequate detection solutions are not in place.

Having a threat detection, investigation, and response (TDIR) solution in place can help an organisation to remain protected in the current threat climate. Allowing for a mix of behavioural analytics and smart cyber hygiene can prevent credential-based attacks and hostile lateral movements across the network. TDIR system solutions allow organisations to create a baseline of normal behaviour through machine learning technologies. Security teams can thus spot abnormalities faster and can implement security protocols.

Another step to preventing phishing attacks is for organisations to empower the workforce using proactive measures to bolster security defences. Employees remain a critical aspect of a company’s security posture, and having security teams regularly monitor behavioural analytics while also educating employees on password best practices can go a long way toward ensuring the organisation is protected. Best practices include changing passwords regularly or using password vaults, enabling multi-factor authentication, or using adaptive authentication. Employees who routinely implement these and other cyber hygiene practices for both personal and professional accounts minimise the risk of being victims of a phishing attack.

Finally, security leaders can implement a regular cybersecurity awareness training program. The key to developing an effective security awareness training program is to make it accessible to all departments within the organisation. This can be done through brief or bite-sized knowledge sharing that provides examples of what employees can, and should, be doing to maintain a responsible security posture online. A proactive, joint approach to cybersecurity can be a boon for growth of the organisation.

Related stories
Top stories
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Digital wallets
NFTs are ready to disrupt the ticketing world
The last few months have seen NFTs wielded by digital creators to take ownership over their craft and content. Now other industries are beginning to understand the real-world value that these nifty decentralised tokens can provide.
Story image
Artificial Intelligence
Juniper study reveals top AI trends in APAC region
Juniper's research shows an increase in enterprise artificial intelligence adoption over the last 12 months is yielding tangible benefits to organisations.
Story image
New VMware offerings improve cloud infrastructure management
VMware has unveiled VMware vSphere+ and VMware vSAN+ to help organisations bring benefits of the cloud to existing on-prem infrastructure.
Story image
Sutton Tools deploys Infor M3 CloudSuite for manufacturing
Sutton Tools has also implemented the Infor OS cloud operating platform, including Infor Intelligent Open Network and Mongoose.
Story image
How to achieve your monthly recurring revenue goals
Monthly recurring revenue (MRR) is the ultimate goal, the most important issue on which anyone in the IT channel should focus.
Story image
Civil Defence
OutSystems platform chosen as part of ADF contract
"To be included in this project is a reflection of our ability to deliver secure, modern digital outcomes for defence at an incredible pace."
Story image
Video: 10 Minute IT Jams - An update from CrowdStrike
Scott Jarkoff joins us today to discuss current trends in the cyber threat landscape, and the reporting work CrowdStrike is doing to prevent further cyber harm.
Story image
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Market growth
Salesforce unveils new offerings for consumer goods companies
Salesforce has announced new products for consumer goods companies to help brands navigate increasing market complexity more easily.
Story image
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
The Access Group
Struggling to understand which transformative technologies will help your business? The Access Group provides a look into key opportunities and impacts for finance.
Link image
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Digital Transformation
Google Cloud launches new Digital Accelerator bundles for Aussie SMBs
The new bundles are designed to help Australian small and medium-sized businesses embrace digital transformation and take their businesses online.
Story image
Mastercard reveals first-ever album titled Priceless
Mastercard's music album Priceless has been unveiled at the Cannes Lions Festival of Creativity and features 10 songs by 10 artists worldwide.
Story image
Robotic Process Automation / RPA
Salesforce announces latest generation of MuleSoft
Salesforce has introduced the next generation of MuleSoft, a unified solution for automation, integration and APIs to automate any workflow.
Story image
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Story image
3D Printing
Fleet Space, Konica Minolta partner for 3D printer offering
Fleet Space has partnered with Konica Minolta to implement 3D printers from 3D Systems to support the commercial small satellite manufacturer’s offerings.
Story image
Honeywell launches new carbon energy management software for buildings
The new Carbon & Energy Management service allows building owners to track and optimise energy performance against carbon reduction goals, down to a device or asset level.
Story image
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Forrester names Talend Leader in enterprise data fabric
Forrester has named Talend a leader among enterprise data fabric providers in the Forrester Wave: Enterprise Data Fabric, Q2 2022 report.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Martech experts reveal the “buzz” on personalisation
In the digital age, innovative technology must be leveraged to power an efficient and effective relationship marketing strategy.
The Access Group
Increasing headcount isn't always the best way to grow. A good financial strategy can help solve many issues, and The Access Group shares the secret to success.
Link image
Story image
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Data ownership
Brands must reclaim trust by empowering data ownership
According to Twilio's new State of Personalisation Report 2022, 62% of consumers expect personalisation from brands, and yet only 40% trust brands to use their data responsibly and keep it safe.
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Phishing attacks are making a comeback
No matter what approach or tool cybercriminals use to breach a network, they all have one thing in common: access.
Story image
Dicker Data
EXCLUSIVE: Why women in IT makes good business sense - Dicker Data
The Federal government wants to bolster female participation in the tech industry to at least 40% by 2030. Here's how one homegrown Australian company has already reached that goal.
Story image
TO THE NEW unveils A/NZ Managed Services for Microsoft Azure
TO THE NEW has released Managed Services for Microsoft Azure to meet the growing demand in the A/NZ market and globally.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Macquarie Data Centres
Macquarie deal to pioneer CO2-cutting data centre tech in Australia
Macquarie Data Centres has signed a multi-year deal with ResetData, an Australian first provider using Submer data centre technology. 
The Access Group
Health and social care organisations are currently under significant financial pressure. Find out how financial transformation can help provide an effective route forward.
Link image
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Digital Transformation
What CISOs think about cyber security, visibility and cloud
Seeking to uncover the minds of CISOs and CIOs across Asia Pacific, my company recently asked Frost & Sullivan to take a snapshot of cloud adoption behaviour in the region.
Story image
The best ways to attract young talent during labour shortages
New research from Citrix reveals hybrid working and ventures into the metaverse are top of mind for Gen Z workers.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Digital Transformation
Stax and Consegna partner to accelerate modernisation
According to a statement, the new alliance will help both companies expand their reach across the region and realise joint goals.
Story image
Hybrid workforce
Why hybrid working is here to stay and how to ace it
Citrix's new report reveals hybrid workers are more productive and engaged at work than their office and completely remote counterparts.
Story image
The rise of digital gifting in the workplace
The name itself does most of the explaining; it’s a gift you receive virtually. But a misconception about digital gifts is that they need to be redeemed virtually as well. 
Story image
Workday winning on culture and family focus
This family-first approach sees all employees receive access to family-wide private healthcare cover, as well as income protection and life insurance policies.
Story image
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Adobe survey reveals link between brand trust and consumer buy-in
Adobe has announced results from a study, which finds a strong correlation between brand trust and consumer behaviour.