IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

Phishing attacks are making a comeback

By Contributor
Tue 21 Jun 2022

Article by Exabeam CISO Tyler Farrar.

Phishing attacks are on the rise in Australia. First observed here in 2003, the rapid shift to digital services and eCommerce due to the pandemic has presented bad actors with a raft of new opportunities to attack the vulnerable.

No matter what approach or tool cybercriminals use to breach a network, they all have one thing in common: access. Compromised credentials are one of the most popular ways that adversaries penetrate a network, and are the reason behind 61% of breaches. Hackers can gain login information through a variety of methods, but phishing schemes remain the most commonly used and trusted method. Companies are aware of this fact, yet they continually fail at adequately protecting systems.

Phishing attacks are so successful because they rely on exploiting the common human element of trust. These attacks usually appear as a benign email message from a supposed colleague, or perhaps a leader within an organisation – someone in a position of trust, in other words. Other times they may appear to be from a recognised partner or end user.

However, through the fog of a carefully crafted message, a cyber adversary eagerly waits for a target to fall victim to their trap. Although phishing attacks are highly documented, it remains a serious and effective method of attack against non-security professionals. In fact, email-based phishing attacks have only gone up. In 2021, 86% of organisations experienced a successful phishing attack – up 36% from 2020.

One major contributing factor in the increase in email phishing attacks is remote work. Unfortunately, dispersed workforces carry corresponding security complications. During the past two years, the security perimeter has disolved and corporate networks have evolved from strictly on-premises to the cloud, enabling employees to work from anywhere around the world. It is important to note that remote/hybrid work has blurred the lines between personal and professional life.

To avoid phishing scams, organisations must invest in educating employees on recognising the early signs of phishing scams, how to differentiate phishing, and good cybersecurity practices. However, it is also essential that modernised solutions are implemented in place as a backbone of an organisation’s cybersecurity posture.

Staying cyber smart against competent criminals

Rather than retreating to legacy solutions and failed strategies, companies should rethink using proactive techniques for addressing cyber threats head-on. Human error is also frequently to blame for as many as 95% of data breaches. In this case, security leaders need to understand what constitutes a normal level of activity for their networks, and how to identify abnormalities that should be flagged for detection, investigation, and containment, in order to prevent any damage to business systems.

A recent example of why this visibility is important is the devastating SolarWinds breach, in which cyber criminals went undetected inside network systems for 6 months. This incident was a wakeup call to the cybersecurity industry, and one which hopefully drives people to take a proactive approach to cybersecurity. Cyber criminals can remain undetected on internal systems for months if adequate detection solutions are not in place.

Having a threat detection, investigation, and response (TDIR) solution in place can help an organisation to remain protected in the current threat climate. Allowing for a mix of behavioural analytics and smart cyber hygiene can prevent credential-based attacks and hostile lateral movements across the network. TDIR system solutions allow organisations to create a baseline of normal behaviour through machine learning technologies. Security teams can thus spot abnormalities faster and can implement security protocols.

Another step to preventing phishing attacks is for organisations to empower the workforce using proactive measures to bolster security defences. Employees remain a critical aspect of a company’s security posture, and having security teams regularly monitor behavioural analytics while also educating employees on password best practices can go a long way toward ensuring the organisation is protected. Best practices include changing passwords regularly or using password vaults, enabling multi-factor authentication, or using adaptive authentication. Employees who routinely implement these and other cyber hygiene practices for both personal and professional accounts minimise the risk of being victims of a phishing attack.

Finally, security leaders can implement a regular cybersecurity awareness training program. The key to developing an effective security awareness training program is to make it accessible to all departments within the organisation. This can be done through brief or bite-sized knowledge sharing that provides examples of what employees can, and should, be doing to maintain a responsible security posture online. A proactive, joint approach to cybersecurity can be a boon for growth of the organisation.

Related stories
Top stories
Story image
Elders signs five-year agreement with Microsoft to boost innovation
Australian agribusiness Elders has signed a five-year agreement with Microsoft that looks to transform its customer experience, efficiency and sustainability outcomes.
Story image
Examining the future of ransomware threats with Vectra’s CTO
As customers' valuable data move to the cloud, so will ransomware. What is the current landscape and what do we need to know?
Story image
Your tools, your choice: why allow employees to choose their own devices?
Jamf Australia says giving your team the freedom to work with their digital device of choice could help to attract and retain top talent in a tight labour market.
Story image
Bridgestone Australia uses Dematic's AGVs to optimise warehouse operations
Bridgestone Australia has deployed Dematic's Automated Guided Vehicle solution across its new Melbourne warehouse in Truganina.
Story image
Artificial Intelligence
Dynatrace extends automatic release validation capabilities
Dynatrace has extended its platform release validation capabilities to improve user experience at every stage of the software development lifecycle.
Story image
Thales on recruitment hunt for next disruptive innovations
"Recruiting new talent is part of Thales's belief in the power of innovation and technological progress to build a safer, greener and more inclusive world."
Story image
Honeywell named Frankston facility services provider
Honeywell has been named the joint facility services provider for Frankston Hospital’s AU$1.1 billion redevelopment.
Story image
Multi Cloud
Cloud is a tool, not a destination
For many years, “cloud” has been thought of as a destination which has led to a misguided strategy that sees an enterprise trying to shift all its applications to a single cloud provider – regardless of the specific needs and nuances of each individual workload.
Story image
The next stage for 5G in thermal materials - IDTechEx
IDTechEx says higher frequency deployments, such as mmWave devices and very different station types such as small cells, present their own technological evolution and, with it, thermal challenges. 
Story image
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Appian unveils low-code certification program in Australia
Appian has announced a program to provide the next generation of low-code developers with access to education on the subject and certification to foster career opportunities.
Story image
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Ericsson and Ciena, Telstra enhance service capacity for Telstra's optical network
Ericsson, Telstra, and Ciena have announced new enhancements to Telstra's Next Generation Optical Network, which will increase the service capacity of Telstra's optical network to 400 GE (Gigabit per Second Ethernet).
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Barracuda customises training to fit ACSC Essential Eight
Barracuda has announced that its Security Awareness Training now provides a customised training curriculum in line with the Australian Cyber Security Centre’s (ACSC) Essential Eight.
Story image
ASI Solutions
Western Australia CUA panel picks ASI as preferred supplier
Western Australia's Common User Arrangement (CUA) panel has chosen ASI Solutions as a preferred supplier for device hardware.
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.
Story image
Enterprise service management: the importance of a one-stop shop
In an online world, employees and end-users want one place to go for all their questions and requests. Intranet technology and self-service portals are useful tools that help serve this purpose.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Artificial Intelligence
Decision Inc. partners with to expand offering
Decision Inc. Australia has partnered with to expand its offering to clients in the retail, FMCG, manufacturing, supply chain and logistics sectors.
Story image
Artificial Intelligence
Vectra AI named as AWS security competency partner
Threat detection and response company Vectra AI has announced that it has become an Amazon Web Services Security Competency Partner.
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Document Management
NZ's FileInvite raises $10M in latest investment round
FileInvite has raised $10 million in Series A investment to fast-forward the extinction of email for requesting and collecting documents online.
Story image
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
EXCLUSIVE: Finding the best data center for your business needs with datacenterHawk
Companies using cloud are consistently looking for the best storage solutions to suit their enterprise needs and often have to go through rather complex processes in order to find the right fit.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Rubber Monkey gears up for Aussie market with latest capital raise
Rubber Monkey is seeking to raise up to NZ$2.5 million of new capital through online investment platform, Snowball Effect.
Story image
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
ABI Research
NaaS market expected to reach $150B by 2030 - research
"The market is immature and fragmented, but telco market revenue will exceed US$75 billion by 2030 if they act now and transform to align with requirements."
Story image
To win at 5G, telcos must tame their quoting chaos
The catalogs of CSP (communication service providers) market offerings are set to explode as new digital services emerge, powered by B2B2X business models.
Story image
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why it's time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Ping Identity appoints Deloitte Australia as a partner
Ping Identity has appointed Deloitte Australia as a Consulting Technology Partner, uniting its offerings with the company's consulting services.
Story image
Marketplacer and Adobe accelerate partnership for enhanced commerce solutions
Marketplacer has accelerated its partnership with Adobe in order to further enhance the global commerce marketplace.
Story image
Registrations for the W.Media Sydney Cloud and Datacenter Convention 2022 now open
Are you a C-Level executive looking to enhance your knowledge in the cloud and data center space in order to get the best results for your company?
Story image
How the metaverse will change the future of the supply chain
The metaverse is set to significantly change the way we live and work, so what problems can it solve in supply chain management?
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.