There seems to be a new cyber-attack announcement every couple of days… businesses from boutique vendors to supermarkets and insurance companies have detected ‘unusual activity’ that has resulted in personal information potentially being exposed.
According to a report from Smart Company, nearly one in two Australians has been embroiled in at least one of several high-profile company breaches that have taken place over recent weeks.
Cybersecurity for businesses
If you own a business and are concerned that something has gone awry in terms of cyber security (ie, if personal information is accessed or disclosed without authorisation or if it is lost), you must report it to the Office of the Australian Information Commissioner. You also have to get in touch with your customers to let them know, which can be expensive and damaging to your reputation.
To prevent a hacking incident and protect your own data as well as your customers’ personal and financial information:
- Hire a cybersecurity consultant to help you check and improve your security
- Educate your team regularly about cybersecurity (a device left open can be the easiest entry point for hackers)
- Back up your data daily so if you are threatened with ransomware you at least still have access to the information you need to operate your business
- Set up MFA (multi-factor authentication) so your customers need more than a basic password to log into your system=
It’s also advisable to have cyber insurance in place so you are protected from the expense of a cyber attack.
Cybersecurity for individuals
There are a number of ways you can protect your personal information and avoid being the victim of a hacker or scam.
One simple recommendation is to switch from passwords to passphrases. So instead of writing BaskEtball123#, (basketball, incidentally, is a very common password), you could put something like MyFavouriteUSBasketballTeamIsTheLakers. This is relatively easy to remember but much harder for bots to guess. A line from a song can also work for this cyber safety strategy.
Many experts will tell you that a seven-character password can be cracked in as little as 31 seconds, while one with six or fewer characters can be cracked pretty much instantly. If you use the same passcode on several different platforms and websites, it’s alarming to think of how quickly a hacker can get into almost all your accounts.
You should update your apps and devices whenever a new version is released. Updates often fix security issues that may leave you vulnerable.
There is also the never-ending game to spot scammers. Quick tips include:
- Remembering that your bank or any other organisation such as Australia Post will never contact via email or phone you to ask for personal information like your PIN.
- If you suspect a caller is a scammer, hang up and call the right number for the organisation to check if they are actually trying to get in touch.
- Check the brand name and hover over links in emails to check whether or not the link they are directing you to looks legitimate. For example, an email with the subject line ‘Re: AUpost™️ Courier Pickup Confirmation ☑️!!2nd attempt’ may look like it is from Australia Post but the brand name is incorrect. The link in the email may look like this: http://onwvyj03t93zlhk.usps2022dlv.dudns.org/ym.xe?dDsncxQDrcbbb4N instead of resembling an official Australia Post link.
- If you receive a text, phone call or email that warns you about a problem like unpaid tax debt, overdue payment or warrant for your arrest, type the wording of the message into Google. You will probably see results explaining it is a scam.
- Double check you have the right details before you transfer money to someone, particularly if it is a large fee like a property deposit.
If you believe you may have been hacked, one place to start is the Government’s free tool.
Use https://www.cyber.gov.au/have-you-been-hacked to figure out if you have been hacked and find advice on what to do about it. It may recommend you contact your bank to speak about updating your login details or that you change the passwords/phrases on your email.
If you’re concerned your information has been compromised by the recent cyber attacks in Australia, be aware of any emails, phone calls or messages from organisations claiming to know personal details such as your address. You can also check Equifax to see if anyone has applied for a credit card in your name. Finally, you may wish to update your driver’s licence, passport and Medicare card so you have new numbers that hackers can’t take advantage of.
Follow EFS on social media for more information and updates about freight, logistics, security and small business.
