IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

Supply chain attacks, ransomware leads to loss of trust in IT vendors

By Catherine Knowles
Thu 9 Dec 2021

Increasing supply chain attacks, ransomware extortion demands and slower detection speeds are reducing trust in legacy IT vendors, according to CrowdStrike’s 2021 Global Security Attitude Survey, conducted by independent research firm Vanson Bourne.

Recent attacks such as Sunburst and Kaseya have once again brought supply chain attacks to the fore and the survey results echoed this with almost half (49%) of Australian organisations experiencing a software supply chain attack within the last 12 months.

This is having a significant impact with 55% of Australian organisations reportedly losing trust in a key supplier due to security concerns in the past 12 months.

In fact, 75% of Australian organisations were specifically losing trust in legacy IT vendors, such as Microsoft - more than any other country surveyed.

Yet many Australian organisations still aren’t doing enough to protect themselves, just 44% have actively vetted suppliers in that same period.

Globally, respondents estimate it would take 146 hours (c. 6 days) to detect a cybersecurity incident, up from 117 hours in 2020.

Once detected, it takes organisations 11 hours to triage, investigate and understand a security incident, and 16 hours to contain and remediate one.

Australian organisations are tracking above average, 46% estimate they would be able to detect a cyber incident within a day, and 36% within an hour. However, 16% state that it would likely take their organisation more than a day to detect an attack.

CrowdStrike chief technology officer Michael Sentonas says, “The survey presents an alarming picture of the modern threat landscape, demonstrating that adversaries continue to exploit organisations around the world and circumvent outdated technologies.

"Today's threat environment is costing businesses around the world millions of dollars and causing additional fallout. The evolving remote workplace is surely accentuating challenges for businesses as legacy software like Microsoft struggles to keep up in today’s accelerated digital world."

CrowdStrike encourages organisations to strive to meet the 1-10-60 rule - where security teams demonstrate the ability to detect threats within the first minute of an intrusion, investigate and understand the threat within 10 minutes, and contain and eradicate the threat within 60 minutes - given that, local organisations still have a way to go.

This response time is particularly alarming in our remote-first world. Indeed, 80% of Australian respondents who have experienced a cybersecurity incident cited remote working as the direct cause in 2021, the researchers state.

The survey indicates that ransomware attacks are continuing to prove effective, with average ransomware payments made by Australian organisations in 2021 US$1.53 million (AUD$2.15 million).

In Australia, 67% of organisations reported suffering a ransomware attack in the past 12 months, while 79% say they would consider paying a ransom to recover encrypted data in the event of a software supply chain attack, the highest figure in APJ.

Alarmingly, 93% of Australian organisations who paid a ransom in the last 12 months have also been victims of re-extortion fees.

In the 2021 Threat Hunting Report, CrowdStrike’s Falcon OverWatch reported that eCrime threat actors are able to move laterally across an organisation’s network in an average of 92 minutes.

This paints a sharp contrast between the capabilities of today’s swift attackers and defenders who are increasingly slowed down by high volumes of alerts and tools that lack integrated workflows.

Sentonas adds, “This presents a clear clarion call that businesses need to change the way they operate and evaluate more stringently the suppliers they work with.

"The threat landscape continues to evolve at a frightening pace and it’s obvious that modern organisations need a cloud-native, holistic end-to-end platform approach to tackle and remediate threats in a swift manner.”

Related stories
Top stories
Story image
LG Electronics
LG Electronics brings on Aussie AV distributor Alloys
LG Electronics Australia Business Solutions has appointed Australian AV distributor Alloys as a new distribution partner.
Story image
Energy
Sustainability huge factor for APAC data centre managers
A new report reveals that 85% of data centre managers in APAC believe that sustainability will significantly impact operations and decision making.
Story image
Pegasystems
Marketing technologies set to increase revenues - study
Marketing leaders say that investment in new marketing technologies (MarTech) will drive significantly increased revenues.
Story image
Equinix
Aussie businesses buckle down on digital tech investments
Australian businesses are planning major investments in digital technologies to support ambitious expansion plans.
Story image
Telstra
Ericsson and Ciena, Telstra enhance service capacity for Telstra's optical network
Ericsson, Telstra, and Ciena have announced new enhancements to Telstra's Next Generation Optical Network, which will increase the service capacity of Telstra's optical network to 400 GE (Gigabit per Second Ethernet).
Story image
Management
MYOB snaps up Sydney-based management software specialists
MYOB has announced the acquisition of Sydney-based business management software and support specialists, GT Business Solutions.
Story image
Artificial Intelligence
Siemens expands NVIDIA partnership for industrial metaverse
Siemens is expanding its partnership with NVIDIA to enable the industrial metaverse and increase the use of AI-driven digital twin technology.
Story image
Recruitment
Thales on recruitment hunt for next disruptive innovations
"Recruiting new talent is part of Thales's belief in the power of innovation and technological progress to build a safer, greener and more inclusive world."
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Telecommunications
WiFi as a Service market to reach $26 billion through 2032
As a result of the easy management of wireless infrastructure over cloud services, WaaS is experiencing rapid growth.
Story image
Document Management
Regaining digital trust and enhancing digitisation in Australian Government agencies
Having a digitised ecosystem of documents, tools and data can help bolster security, improve workflow and ultimately create better services.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
CSG
To win at 5G, telcos must tame their quoting chaos
The catalogs of CSP (communication service providers) market offerings are set to explode as new digital services emerge, powered by B2B2X business models.
PwC
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Infrastructure
Video: 10 Minute IT Jams - An update from Paessler
Sebastian Krüger joins us today to discuss how unified infrastructure monitoring enables MSPs to seamlessly deliver services to their clients.
Story image
Media
Registrations for the W.Media Sydney Cloud and Datacenter Convention 2022 now open
Are you a C-Level executive looking to enhance your knowledge in the cloud and data center space in order to get the best results for your company?
Story image
Artificial Intelligence
Eight top DevSecOps trends to support IT innovation in 2022
The use of DevSecOps practices is growing, as it is increasingly seen as the best way to produce high-quality and secure code. So what are the current trends?
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Cybersecurity
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.
Story image
SaaS
Ping Identity appoints Deloitte Australia as a partner
Ping Identity has appointed Deloitte Australia as a Consulting Technology Partner, uniting its offerings with the company's consulting services.
Story image
Documentation
Adobe study finds lack of digital trust and utilisation in Australian Government agencies
New research commissioned by Adobe has revealed a significant lack of digital trust within Australian Government departments, along with the continued underutilisation of key digital processes.
Story image
Metaverse
How the metaverse will change the future of the supply chain
The metaverse is set to significantly change the way we live and work, so what problems can it solve in supply chain management?
PwC
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Microsoft
Elders signs five-year agreement with Microsoft to boost innovation
Australian agribusiness Elders has signed a five-year agreement with Microsoft that looks to transform its customer experience, efficiency and sustainability outcomes.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why it's time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Adobe
Marketplacer and Adobe accelerate partnership for enhanced commerce solutions
Marketplacer has accelerated its partnership with Adobe in order to further enhance the global commerce marketplace.
Story image
Solutions
Progress launches latest version of network visibility solution
In Flowmon 12 network solution, Progress has expanded its support for public cloud provider flow log monitoring and launched new features.
Story image
Artificial Intelligence
Salesforce announces new innovations for financial services
Salesforce has launched expanded financial services that offer more targeted and trusted automation to help teams unlock insights, deliver better customer service, and drive operational efficiencies.
Story image
Artificial Intelligence
Dynatrace extends automatic release validation capabilities
Dynatrace has extended its platform release validation capabilities to improve user experience at every stage of the software development lifecycle.
Story image
Remote Working
RDP attacks on the rise, Kaspersky experts offer advice
"Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data."
Story image
Airwallex
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
IDTechEx
The next stage for 5G in thermal materials - IDTechEx
IDTechEx says higher frequency deployments, such as mmWave devices and very different station types such as small cells, present their own technological evolution and, with it, thermal challenges. 
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Apple
Your tools, your choice: why allow employees to choose their own devices?
Jamf Australia says giving your team the freedom to work with their digital device of choice could help to attract and retain top talent in a tight labour market.
Story image
Training
Barracuda customises training to fit ACSC Essential Eight
Barracuda has announced that its Security Awareness Training now provides a customised training curriculum in line with the Australian Cyber Security Centre’s (ACSC) Essential Eight.
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
Security Information and Event Management (SIEM)
LogRhythm updates SIEM Platform with latest innovations
LogRhythm has announced the launch of version 7.9 of the LogRhythm SIEM Platform and updates to LogRhythm NDR and LogRhythm UEBA.
Story image
Cybersecurity
How organisations can mitigate IoT and IIoT security risks
IoT and IIoT come with inherent risks because they are often deployed faster than they can be secured, putting organisations in danger of cyber threats. Here are tips on how to mitigate those risks.