Security Breach – 23 Aug 2024

23 Aug Security Breach – 23 Aug 2024

In the fast-paced world of cybersecurity, mistakes are inevitable. Yet, when these errors occur, many employees hesitate to report them. An estimated 50% of employees are afraid to report their cybersecurity errors because they dread the repercussions. This reluctance can have serious consequences for organisations, potentially allowing small issues to snowball into major security breaches. Understanding why employees are afraid to report mistakes and how to create an environment that encourages transparency is crucial for strengthening a company’s cybersecurity posture.

Cybersecurity is a team effort, and the sooner mistakes are reported, the easier they are to manage. By understanding the reasons behind employees’ fear of reporting and taking steps to address those concerns, organisations can create a more secure and resilient environment. Transparency, education, understanding and support are key to helping employees overcome the fear that they will get in trouble or even lose their job for reporting mistakes. Getting everyone on the same page about the importance of reporting cybersecurity mistakes will ultimately lead to a stronger cybersecurity posture for the entire company.

Recent Breaches

Australia – Hudson Civil Engineering – Civil Construction Company

Exploit: Ransomware

Risk to Business: Moderate: The RansomHub ransomware gang claims to have hacked yet another Australian engineering firm, this time, the Launceston-based Hudson Civil Engineering.  Hudson Civil Engineering has not responded to Cyber Daily’s request for comment. According to the company’s website, Hudson Civil Engineering is “Tasmania’s leading manufacturer and supplier of infrastructure products to the civil construction, irrigation, water/wastewater, mining, building, development and rural sectors”. No information has been provided on the nature of the data, nor has any sample data been included. Given that RansomHub is a RaaS operation, it’s hard to tell if the gang is specifically targeting Australian engineering firms or if its affiliates are simply taking advantage of smaller companies with less cyber security maturity. RansomHub was first observed in February 2022, and its victim count for August has already soared to 21.