Cyber threats 2019: EWN, Collection#1, ATO scams – What’s next?

cybersecurity threats australia

Major cyberattacks were reported one after another in 2018. From a string of data breaches involving the healthcare sector, to a massive hack on Marriott that compromised the personal information of over 500 million guests worldwide. The rate of such incidents shows that cybercriminals are only becoming smarter. This means, that organisations will likely continue to see larger scale breaches in the future.

In fact, cybersecurity in 2019 is off to a shaky start. Within the first few weeks of the year, Australian organisations suffered from a slew of:

  • malware,
  • online scams, and
  • other cyberattacks.

Here’s a roundup of the worst cyberthreats of January 2019:

1. Victoria state breach

The first data breach in Australia occurred 24 hours into the New Year. According to an ABC report, the work details of 30,000 public servants in Victoria state were stolen by a hacker who managed to hijack an employee’s email account.

Even though no banking or financial information was compromised, the hacker did steal a collection of names, work emails, job titles, and phone numbers. This data is extremely useful for performing targeted attacks. Due to this breach, businesses and government agencies may receive more fraudulent emails and phone calls purporting to be from public servants in the coming months.

2. Bogus messages from EWN

On January 7, Australia’s Early Warning Network (EWN), which sends emergency weather warnings throughout the country, reported that its systems were breached when a series of rogue text and email alerts was sent to tens of thousands of people across the country.

The spam message read, “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues” and linked to a fraudulent email address. The incident was especially worrying because an unauthorised person was able to compromise login details and gain access to EWN’s alerting system. Although EWN quickly resolved the issue, hackers may make even more dangerous alerts that can mislead and trick individuals into giving away their personal information.

3. Collection #1 data breach

Security expert Troy Hunt discovered one of the biggest data breaches in history that affects nearly 773 million unique emails and more than 21 million passwords. In his report, the 87GB archive of data known as Collection #1, was uploaded to a popular hacking forum and appears to be an aggregate of over 2,000 leaked databases.

The Collection #1 data set is likely designed for “credential stuffing attacks.” This is where cybercriminals use email and password combinations to hack into online accounts. The risks are even greater for those who recycle weak passwords across multiple accounts. Therefore, it makes it crucial for users to apply password best practices. Companies and individuals can check if their emails have been compromised by going to the Have I Been Pwned website.

4. Vidar and GandCrab malware

Besides high-profile breaches, security experts uncovered a hybrid cyberattack involving Vidar and GandCrab malware. Vidar is a malicious program that spreads via rogue streaming, torrenting, and other unprotected websites. When users access these sites, Vidar instantly runs on their computer and proceeds to steal browser histories, instant messages, and even passwords.  

Hackers may also configure Vidar to infect machines with GandCrab ransomware, a program that holds user data hostage until a ransom is paid. This means victims are not only robbed of their data, but also extorted to recover it, too

5. ATO scams

Australian Taxation Office (ATO) scammers are nothing new, but they’ve recently changed their tactics. Instead of demanding immediate payment over the phone, scammers offered “tax refunds” over SMS in exchange for their target’s personal details.

Scammers spoof ATO phone numbers to make the scam more convincing, but there are some telltale signs users can watch out for. For example, the ATO will never:

  • send links via text,
  • ask for personal information, or
  • request a fee to release a tax refund.

When in doubt, verify all tax-related messages through the ATO website.    

How to avoid the latest threats

The recent cybersecurity developments highlight the need for better security measures and training. To ensure the safety of company accounts and data, you need:

  • intrusion prevention systems,
  • firewalls, and
  • anti-malware.

Employees must develop good security habits. This involves teaching employees to set strong, unique passwords for different accounts and training to be cautious of every website, email, text, and phone call. Much like patching software, security training must be conducted regularly so employees remain vigilant.

Defending your business against the latest threats can be daunting and Empower IT Solutions is here to help. As one of Australia’s leading managed services providers, we provide state-of-the-art security systems and comprehensive security training. Call us today to learn more about our services.