How the pandemic has changed cybersecurity
Criminals will make the most of a crisis situation. Cybercriminals are no different.
During the bushfire crisis in Australia in early 2020, we saw a stark rise in cyber-related scams exploiting the mood of the time. At the peak of the COVID-19 crisis, we saw the same thing.
In July, Google detected 18 million malware phishing messages a day related to COVID-19. In the US, the FBI reported a fourfold increase in cybercrime.
It’s no secret why: with much of the world workforce forced to drastically change their routines, and countless companies forced to rush into digital operation environments, we are significantly vulnerable to the kinds of exploitation cybercriminals thrive on.
For businesses around the world, the solution is clear: the pace and scale we’re changing and adopting new innovative technologies means we have to step up our cybersecurity practices at a similar speed.
At ANZ, we’ve seen similar trends. A year ago we were blocking about four million emails a month from coming into our organisation. That went up to around 12 million at the height of the crisis. That shows the increasing volume of attempted crime we’re dealing with.
COVID-related emails were around 550,000 a month at the peak. Clearly, criminal organisations are finding targets they think are vulnerable - and sometimes are successful. What’s also clear is this is not entirely a COVID phenomenon – part of it is just trend we're seeing more broadly, across a range of regions and organisations.
The world’s abrupt turn to digital has opened up huge opportunities for businesses. But as a result, there’s never been a more important time to address the challenge of cybercrime. We need a consistent approach across organisations to ensure we're all able to respond to protect ourselves - and each other.
This podcast was recorded in late 2020.
The innovation and creativity we have seen from organisations during the pandemic has been wonderful. A Mercer study in March found 92 per cent of companies had planned work-from-home scenarios in the event of office closures.
Adopting transformative technology has been a gamechanger for many organisations as they kept themselves afloat during the height of the pandemic. Much of this innovation has been encouraged by the unprecedented interconnectivity established in this time – and it is critical we keep these connections safe in order to continue to benefit from it.
As technology grows, it can often become more complicated, and this can have an exponential impact in large organisations. Sometimes keeping those complicated environments safe can be difficult, as there is more data to protect, more points of interaction to secure, and more people involved in the process.
It's really important we put in place the cybersecurity necessary to protect this connectivity, because if people lost confidence in it, it could have very damaging consequences. Every part of every organisation must understand what they need to do to make the most of these post-COVID digital opportunities.
For leaders of organisations, it’s important to understand cybercrime is big business. There are estimates cybercrime will cost organisations and individuals worldwide $US6 trillion by the end of fiscal 2021. That’s a significant amount of money.
That is in addition to the repair costs for impacted businesses, with the average cost of a data breach for businesses is $US3.9 million.
The truth is, with the capability available to anyone in the modern world it is relatively easy to attempt cybercrime. The ease at which unsophisticated actors can acquire the right tools is almost scary. Capabilities previously only available to nation states are now accessible to ordinary criminals, and very cheaply.
A critical factor for business to remember is the pace at which vulnerabilities are now exploited. We used to have weeks, sometimes months, between a new vulnerability being discovered and being exploited. These days it's minutes. Being able to secure systems quickly - effectively automatically - is very important.
Continued software maintenance is critical. Things like ensuring software is patched, updates occur automatically and vulnerable areas are protected are important first steps. Often large organisations will have a way of assessing which patches are critical, how fast they should they be applied and which systems should get them fastest.
Having backup systems is also important, as well as ensuring hardware is modern and has the latest firmware and software. Businesses should also have some sort of segmentation and user-access management in place so they you control access to different systems or different parts of their networks.
Data has also become a critical currency for business, and keeping that safe is also an increasing priority. Used correctly, data can help businesses understand what customers need and keeping that data secure is critical for both businesses and clients.
But as a side effect, data is also very valuable to those who should not have access to it. Criminals have recognised that stealing information, - particularly identity information – is lucrative. Just as the data opportunity rises, so too does the challenge of securing, protecting and safely sharing that data, for businesses and our customers.
The cloud is also growing in importance. Cloud computing is allowing many organisations to modernise and makes it easier for them to operate, while keeping systems up to date and more secure. This opportunity has accelerated during COVID when rapid and secure take-up of new and innovative technology has been critical to continued operation.
Even today there is a misconception cloud computing inevitably comes with a lot of security risks, but this is not the case. Done properly, cloud has the opportunity to enable improved security, while also making use of the latest technical advances like machine learning, artificial intelligence, and other capabilities. This can help our security defences keep pace with the significantly increasing threat environment.
There’s so much new technology available now, coming at us at pace that really makes a significant difference to how the world operates. We need to move just as fast to protect it, enable it, embrace it and reap the rewards.
Lynwen Connick is Chief Information Security Officer at ANZ
This publication is published by Australia and New Zealand Banking Group Limited ABN 11 005 357 522 (“ANZBGL”) in Australia. This publication is intended as thought-leadership material. It is not published with the intention of providing any direct or indirect recommendations relating to any financial product, asset class or trading strategy. The information in this publication is not intended to influence any person to make a decision in relation to a financial product or class of financial products. It is general in nature and does not take account of the circumstances of any individual or class of individuals. Nothing in this publication constitutes a recommendation, solicitation or offer by ANZBGL or its branches or subsidiaries (collectively “ANZ”) to you to acquire a product or service, or an offer by ANZ to provide you with other products or services. All information contained in this publication is based on information available at the time of publication. While this publication has been prepared in good faith, no representation, warranty, assurance or undertaking is or will be made, and no responsibility or liability is or will be accepted by ANZ in relation to the accuracy or completeness of this publication or the use of information contained in this publication. ANZ does not provide any financial, investment, legal or taxation advice in connection with this publication.