On 22nd October it was disclosed that Optus had suffered a cyber attack, resulting in the unauthorised access to information of over 11 million users.
The impact of this breach is significant not only in the sheer number of clients, but also in the type of information that was accessed. This included dates of birth, names, phone numbers and, in some cases, addresses and driver's licence numbers.
Whilst Optus are describing it as a sophisticated attack, government and security experts are claiming that it was an error by the company that left the data accessible online.
The fallout from the breach will affect Optus for a long time, both in customer trust and financially.
Originally the hackers had requested a ransom of $1,000,000 USD, paid in the cryptocurrency Monero. Customer trust in the business has been eroded, with many already moving to alternative carriers.
The OAIC (Office of the Australian Information Commissioner) will be engaging Optus to ensure compliance with the Notifiable Data Breaches (NDB) scheme.
Lastly, law firm Slater and Gordon announced it is investigating a class action lawsuit on behalf of current and former customers involved.
What can you do to prevent data breaches?
- As an Optus customer, you may have already received notification from them about the best next steps to take. If not, see the media release for the next steps to take.
- Monitor your accounts for fraudulent activity and be especially wary of unsolicited calls, emails and text messages. Optus will not be providing links in any of their correspondence, as criminals are likely to use these as well.
- If you haven’t done so already, ensure you have two-factor authentication on all possible accounts, including Optus, banking and social media. This will ensure an added layer of protection.
- Use unique passwords for each of your accounts. Password managers such as LastPass, 1Password and Dashlane are great for this.
How does it relate to your business?
Any company that conducts business either online or uses online services could be the target of an attack. The more sensitive the data, the more valuable the target.
According to the latest OAIC report, the 3 most targeted industries are:
- Healthcare service providers
- Finance
- Legal, accounting and management services
As we’ve seen from the Optus data breach, the consequences are not just in remediation.
There are also the ongoing costs of managing the breach, any fines payable and the loss of customer trust.
What can you do to stop the attacks?
The best thing any business can do, especially those in the top targets, is to harden its security to reduce the incentive to target it.
Criminals will typically target those with poor or no security, as it enables the fastest turnaround for the best reward.
Some items that can be addressed are:
- Ensuring email accounts are properly protected – As email is the most common attack vector, it is essential that email security is implemented to prevent the distribution of phishing emails and viruses, which can lead to data harvesting and compromised credentials. This can be achieved through the use of 3rd party services and two-factor authentication.
- Implement a dedicated firewall – Replace the service provider router with a purpose-built firewall gateway to prevent unauthorised access to your network. Service provider routers may have “built in” firewalls and security, but are by no means the best option. By adding a dedicated firewall to your network, you are ensuring that your systems are hardened with a device that communicates with a global database of known threats and attack vectors and is built for one job: to protect your network.
- Operating System Patches – By implementing scheduled patch management, you are ensuring that your operating system, whether it be Windows, macOS or Linux, is protected against known exploits and vulnerabilities. With patch management, you can ensure that these updates are performed at a convenient time so as not to interrupt your business.
- Managed Antivirus – By implementing a managed anti-virus solution, protection can be provided against “known” and “unknown” threats. Not all systems are equal, with top vendors now introducing sandboxing and Smart AI integrated into the new anti-virus engines, enabling systems to detect “zero day” threats and mitigate the damage they may try to cause. By having a managed solution, any alerts can be actioned by a team of specialists, providing advanced detection and remediation.
- Regular Backups – The backup of important data, software and configurations is critical to the continued running of any business. While many of the “cloud systems” take care of this, chances are most businesses have an application or service that does require the end user to back up.
- Implement Business Continuity and Disaster Recovery – In the case of “on-premise” servers, BCDR (Business Continuity and Disaster Recovery) is critical in ensuring that if your server were to become unavailable, whether due to hardware failure, OS corruption or malicious activity, your recovery time is often minutes, not hours, days or even weeks. Backups should also follow the 3-2-1 rule: 3 copies of the data, in two different locations, with at least one of them offsite. This aids in preventing the accidental or malicious loss of backups. An example of this would be the Datto BCDR device.
The ACSC (Australian Cyber Security Centre) has introduced the “Essential Eight” maturity model designed to assist businesses with implementing proper security services to their business.
The aim is to mitigate the risks associated with customer / patient data.
How can Syntech IT help?
Here at Syntech IT, we recognize the importance of security to all businesses and have built a range of services aimed at providing protection to mitigate the risks associated with today’s digital workspaces.
Just some of the services we can provide are:
- Network Auditing and reviews
- Security implementation
- Managed IT Services
- Hardware sales and leasing
- BCDR services
If you’d like more information regarding anything above or about how we can help, please reach out to us.