Security Breach Update
15 February 2019

Government Breach2017: The Year of Cryptojacking.

2018: The Year of Ransomware.

2019? It’s shaping up to be the Year of Phishing.

Historically, we’ve labelled phishing as a nuisance that only a select few fall for. However, the increasing sophistication of social engineering, along with a gradual evolution of phishing techniques, have levelled the game.

For example, hackers have realized the importance we place on SSL certification, and have found ways to exploit it in order to give us a false sense of reassurance. Browsers such as Edge, Chrome, and Firefox have created advanced filtering techniques, but they are still unable to identify 10-25% of phishing sites.

Experts have responded with an answer: adopting a “Zero Trust” approach. According to this philosophy, organizations must create processes that “trust no one and verify everything”. Although this seems more easily said than done, especially in regard to cloud networks, mobile devices, and internet applications, its principles can be still be applied.

Recent Breaches

Australia – LandMark White – One of the biggest valuation firms used by the banks.

Exploit: Undisclosed ‘security vulnerability’

Risk to Small Business: Moderate: This breach is likely to affect individuals more, but the ramifications on a business level may see LandMark White reputation tarnished with recovery time extended as most of the banks have suspended trading with them. Consumer trust of banks is already on shaky ground.

Risk to Exploited Individuals: Servere: The hackers were able to access all types of personal data, include property valuations and personal contact information of home owners, residents, and property agents, including first and last names, residential addresses and contact numbers. The good news is that no bank account information was disclosed in the breach.

Customers Impacted: 100,000 customers.

Australia – Australian Parliament House

Exploit: Unknown

Risk to Small Business: Moderate: The hackers were caught in the early stages of gaining access to the system.  In a statement, Federal Parliament’s presiding officers said authorities were yet to detect any evidence data had been stolen in the breach.

The attack does not affect the computer systems of government ministers and their staff, however it does affect government backbenchers, the Opposition and crossbenchers.

Risk to Exploited Individuals: Low: Authorities are yet to uncover any evidence that data was stolen in the breach. Computer passwords were reset as a precaution as investigations continue.

Customers Impacted:  Unknown

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
15/02/2019

Follow us on LinkedIn:

Related Articles:
Hackers have attempted to access DNA data
Important points to stay safe when shopping online

Written by