Article:

How the cyber landscape changes in one month

07 September 2017

Leon Fouche , National Leader, Cyber Security |

Have you completed the 2017 BDO and AusCERT Cyber Security Survey and entered the prize draw to win an Apple watch?

It’s been four weeks since the survey launched, and we’ve seen a fantastic response from C-suite and senior IT executives so far. To those who have responded already – thank you! For those who have not yet responded – there’s still time – the survey is open until September 15.

The cyber landscape changes quickly – since the survey launched, there has been plenty happening - here’s our pick of the four most interesting things that have happened in the world of cyber in the four weeks since the survey launched.

1. Multinationals suffer big losses from NotPetya malware attack

AP Moller-Maersk reported that the NotPetya malware attack in June caused losses of more than $250 million despite having up to date Windows security patches and anti-virus software. Reckitt Benckiser reported a $171 million impairment from the same malware attack. Read more

2. Australian inboxes targeted with blackmail SPAM

Australians were warned not to respond to a ransomware campaign targeting generic email addresses with adult web videos. Stay Smart Online reminded people not to pay a ransom if their personal details were compromised. Read more

3. Lawyers warned about trust account fraud

The Queensland Law Society advised solicitors not to accept instructions to transfer trust monies by email, or provide trust account details by email, after emails were intercepted by hackers and bank account details were altered, diverting funds to fraudulent accounts. Read more

4. Australian Red Cross Blood Service commended for data breach response

The Australian Information and Privacy Commissioner commended the Australian Red Cross Blood Service for its ‘honest and upfront’ response to a data breach on its donateblood.com.au website in October 2016. The breach, caused by a third-party provider, exposed around 550,000 individuals’ personal data records. Read more

The Australian Red Cross’ quick response, by engaging AusCERT to investigate the breach and by communicating quickly with those affected, highlights the importance of being prepared for a data breach.

The Privacy Amendment (Notifiable Data Breaches) Act 2017 comes into effect on 23 February 2018. Companies subject to the Privacy Act 1988 will be required to report unauthorised data breaches, such as credit and tax information and personal details, that are ‘likely to result in serious harm’.

The BDO and AusCERT 2017 Cyber Security Survey is investigating organisations’ preparedness for the Data Breach notification scheme. Take part in the survey and find out how your organisation compares when the results are released in November.