Hoplon Advocate Newsletter – January 2022

THE HOPLON ADVOCATE – January 2022

Click here to view the PDF version.

Welcome to 2022 – let’s hope it is a better year than 2021!

In this issue we relate a Christmas Tale: the Birth of Hoplon Cyber Security & focus on Ransomware – a key attack vector for Cyber criminals which saw a sharp increase in 2020/2021.

Hoplon Cyber Security – the beginnings.

With the recent celebration of baby Jesus’ birth it seems like an appropriate time to reminisce on the inception of Hoplon Cyber Security.

Hoplon Cyber Security was born from a visible need for a comprehensive personal Cyber Security solution for individuals & their households.

3 partners, with a long association through club cycling, Richard, John & Jimmy launched the business in July 2019 with a view to provide services to Households initially.

At the time the only solutions available to the general public were “Off the shelf” basic Antivirus (eg Norton360, McAfee, etc…), password management tools & backups (physical or cloud-based). The 3 amigos felt a holistic offering for households would be an attractive proposition & over many bottles of quality red wine the concept was developed & refined.

JF joined the team in November 2020 & Hoplon Cyber Security officially launched in February 2021. While attending the Queensland Cyber Security Innovation node launch in March 2021 we received feedback from the biggest segment of the business community (Small Businesses under 20 employees) that few – if any – options were available for their partly or fully-decentralised workforce (Working From Home).

As all these professionals work from home at least some of the time, the Hoplon Cyber offering was swiftly expanded to provide for this overlooked community & now caters to 3 distinct demographics: SMEs (under 20 employees), Professionals Working From Home & Individual Households.

Hoplon Cyber Security is based in Brisbane, locally owned & operated & tailors its solutions individually for each customer.

The Hoplon Cyber team is always reviewing the rapidly evolving products & services in the industry to ensure market-leading protection & peace of mind for its customers.

What is ransomware?

Definition(s):

Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid.

(Source – Wikipedia).

Another definition, from the ACSC (Austcyber) website:

Ransomware is a type of malicious software (malware). When it gets into your device, it makes your computer or its files unusable.

Cybercriminals use ransomware to deny you access to your files or devices. They then demand you pay them to get back your access.

Ransomware works by locking up or encrypting your files so that you can no longer use or access them. Sometimes it can even stop your devices from working.

How does it work?

While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim’s files, making them inaccessible, & demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – & difficult to trace digital currencies such as paysafecard or Bitcoin & other cryptocurrencies that are used for the ransoms, making tracing & prosecuting the perpetrators difficult.

Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction.

Starting as early as 1989 with the first documented ransomware known as the AIDS trojan, the use of ransomware scams has grown internationally.

(Source – Wikipedia).

Closer to home Ransomware has grown in profile & impact, & poses one of the most significant threats to Australian organisations. The ACSC recorded a 15 per cent increase in ransomware cybercrime reports in the 2020–21 financial year. This increase has been associated with an increasing willingness of criminals to extort money from particularly vulnerable & critical elements of society.

Ransom demands by cybercriminals ranged from thousands to millions of dollars, & their access to darkweb tools & services improved their capabilities. Extortion tradecraft evolved, with criminals combining the encryption of victim networks with threats to release or on-sell stolen sensitive data & damage the victim’s reputation. Ransomware incidents disrupted a range of sectors, including professional, scientific & technical organisations, & those in health care & social assistance. The global impact of the Colonial Pipeline & JBS Foods attacks underscores the potential debilitating & widespread impact of ransomware attacks.

In the Financial Year 2020/2021 nearly 500 ransomware cybercrime reports, an increase of nearly 15 per cent from the previous financial year. Here is the breakdown by industry sector:

Key Cyber trends – Ransomware

Australia faced a complex and evolving cyber threat environment in 2020 and 2021.

This was in part due to the impacts of the coronavirus pandemic, but also to the increasing opportunities afforded to malicious actors, the rampant activities of cybercriminals and Australia’s geostrategic environment.

The coronavirus pandemic continued to expand the boundaries of Australia’s computer networks, pushing corporate systems into homes across the nation as a large percentage of the workforce shifted to remote working arrangements. The speed at which this occurred saw many organisations rapidly deploy new remote networking solutions, sometimes to the detriment of their cyber security. Various malicious cyber actors repeatedly took advantage of Australia’s heightened vulnerability during this time to conduct espionage, steal money and sensitive data, and disrupt the services on which Australians rely.

Alongside the virtualisation of Australian life, the disclosure of significant vulnerabilities in software used in Australian networks expanded the targeting opportunities available to adversaries.

The Microsoft Exchange and Accellion File Transfer Application (FTA), & more recently the Log4j & Log4Shell vulnerabilities were notable examples where the ACSC observed multiple compromises after initial disclosure. In some cases, both state-sponsored actors and cybercriminals were able to rapidly exploit vulnerabilities at scale, including against targets in Australia.

What to do if you are under a Ransomware attack?

“Pay or Pray”?

The reality at the coalface is quite different as we will see from Jimmy’s view now.

Jimmy’s view: Cyber Insurance & the trend towards higher premiums for non-Cyber resilient businesses.

It’s no secret that Cybercrime has been on the rise for many years now. Criminals are now taking advantage of the global COVID-19 pandemic – targeting Australians working from home.

The latest Australian Cyber Security Centre’s (ACSC) Annual Cyber Threat Report (5) provides some very concerning statistics:

  • a cybercrime is reported every 8 minutes in Australia
  • cyber incidents grew by 13% in the last year
  • the estimated cost to Australian businesses & individuals is more than $33 billion
  • a 60 per cent increase in ransomware attacks against Australian entities in the past year

 

This significant increase in ransomware attacks has broader implications for businesses in Australia. Many businesses targeted by ransomware attacks are paying the ransom although exact details are generally kept confidential. Experts on the frontline of Cyber Incident Response estimate that up to 1/3 of attacks result in a ransom payment.

“We will continue to see changes in this market that will have an impact on policies & their coverage. While the ACSC discourage ransomware payments, it is a routine practice. Last month, the Government indicated it is considering mandatory reporting & as recently as last week, a House of Representative committee is reviewing this practice. Discussions include banning the practice altogether.

It is a challenging time for both insurers & their insureds, but we expect the trend of increasing up-take, lower coverage limits, price increases & greater transparency about the company’s risk mitigation strategies to continue.” (1)

This massive increase in ransomware attacks is driving cyber insurance premiums increases & will likely affect all insured businesses in the next 12 months.

“Global commercial insurance prices rose 15% globally (17% in the Pacific region) in the third quarter of 2021, the sixteenth consecutive quarter of price increases, continuing the longest stretch of increases since the inception of the Marsh Global Insurance Market Index in 2012.”  (2)

 

So, what can Australian organisations do to mitigate the risk of their premiums rising out of control? Engaging your insurance broker to understand what steps you can take to increase the Cyber resilience of your organisation. Cyber insurance underwriters will increasingly look at the risk profile of your organisation to assess its resilience to cyber attacks & adjust premiums accordingly (or even decline to provide cover).  (3)

 

Security questions will go beyond the basic antivirus software to more advanced cybersecurity protection measures such as:

  • Data backup, segregation, testing & recovery
  • Storage of biometric information for companies that use fingerprint scans
  • IT vendor vetting process & management controls
  • Employee cybersecurity training
  • Remote desktop protocol (RDP)
  • Endpoint detection & response (EDR)
  • Email security
  • Log-in security & user authentication(MFA).” (4)

 

It is safe to say that Cyber Insurance premiums will increase sharply over time & businesses with low cyber resilience will be impacted more in the form of higher premiums.

2022 is shaping to be the year to review your business’ current cyber stance & ensure the right protection is in place.

Hoplon Cyber Security’s team has a specialised Cyber Insurance broker for its customers.

We offer Risk Assessments & a broad range of Cyber Security solutions for Businesses, Professionals Working From Home & Households.

 

  1. https://www.themissinglink.com.au/news/why-are-cyber-insurance-premiums-in-australia-skyrocketing
  2. https://www.marsh.com/au/services/insurance-market-&-placement/insights/global_insurance_market_index.html
  3. https://www.businessnewsaustralia.com/blog/facing-the-latest-impacts-of-cyber-crime–cyber-insurance-premiums-increase-for-businesses
  4. https://www.rpsins.com/learn/2021/oct/us-cyber-market-outlook/
  5. https://www.insurancebusinessmag.com/au/news/cyber/cyber-insurers-increasing-premiums-reducing-coverage-limits–report-312742.aspx
  6. https://www.cyber.gov.au/acsc/view-all-content/reports-&-statistics/acsc-annual-cyber-threat-report-2020-21
  7. https://www.abc.net.au/news/science/2021-07-16/australian-organisations-paying-millions-ransomware-hackers/100291542?utm_campaign=abc_news_web&utm_content=link&utm_medium=content_shared&utm_source=abc_news_web

 

Hoplon Cyber Security are here to help – call us on 1 300 312 862 for a complimentary consultation.

You can also head to our website for a free risk assessment:

https://hoploncyber.com/health-check/

 

Stay Cyber Safe in 2022.

The Hoplon Cyber Team.

https://hoploncyber.com/

1 300 312 862

advice@hoploncyber.com

175 Melbourne Street

South Brisbane QLD 4101