Working from home during COVID-19 lockdowns has triggered an exponential growth in online and telecommunication fraud by cyber criminals, according to technology firm Citadel Group.
“People are very sensitive to quite a number of issues around COVID at the moment, and are therefore open to the types of hooks or barbs the fraudsters will prey on,” Canberra-based Citadel chief executive Mark McConnell told AAP.
Scammers are trading on COVID-related welfare and tax payments and medicine availability, using calls, text messages and emails to target people’s personal information and build a profile ready for exploitation.
“The fraudsters are being particularly opportunistic during COVID and they are capitalising on the fact that people are at home and they are more likely to pick up,” Mr McConnell said.
He pointed out the IT used in work-from-home setups is a problem, with old laptops or hard drives likely to be running out-of-date antivirus software, patches, and security upgrades.
“The server sitting under your desk or in your cupboard, it’s not monitored 24/seven, it’s open to all levels of attack,” he said.
“The wormhole they come in through is redundant versions of licences, unsupported software, unpatched software.”
Citadel Group’s chief information security officer Rahul Khurana told AAP updating machines and migrating data to the cloud should help.
“That protects you from a lot of vulnerabilities,” he said.
In the first half of 2021, Australia was the third most hacked country in the world behind the US and UK, according to a recent report by global consultancy firm Accenture.
Accenture found Australia accounted for 11 per cent of global cyber attacks, amid a 125 per cent jump in cyber intrusion worldwide compared to the same period last year.
Some large Australian companies have suffered cyber attacks during the pandemic. Nine Entertainment was hit in March, putting at risk the organisation’s nightly TV news bulletins and newspapers.
In 2020, two ransomware infections at Toll disrupted goods and service delivery across the country, with Telstra, Optus, and Woolworths among those affected when Toll went offline.
Last year Chinese hackers launched a major attack on Australian government networks, including the departments of defence and health, while universities and corporations were also targets.
The mounting attacks led the federal government to warn that Australian organisations are under sustained digital assault.
AAP
Working from home: cybersecurity tips
KEY CYBERSECURITY TIPS FOR WORKING FROM HOME
* Use strong and unique passwords (16-plus characters)
* Don’t use the same password for different websites or internet banking
* Download a password-safe solution, such as LastPass​
* Protect all devices with an anti-malware solution
* Use multi-factor authentication, such as a password or biometric in combination with a one-time code
* Use Virtual Private Networks (VPN)​
* Keep software and operating systems updated and select automatic updates when possible​
* Backup data regularly​
PERSONAL SECURITY TIPS
* Exercise critical thinking and vigilance when responding to phone calls, messages and emails.
* Exercise caution in opening messages, attachments, or clicking on links from unknown senders​
* Be wary of any requests for personal details, passwords or bank details, particularly if the message conveys a sense of urgency​
* If in any doubt of the communicator’s identity, delay any immediate action, and re-establish communication later using contact methods you have sourced yourself.
ENTERPRISE ​INFORMATION MANAGEMENT TIPS:
* Know which platforms are safe to create, store and collaborate on
* Avoid sharing content with personal email or document accounts, as they will not have the same level of security protections.
* Avoid storing documents locally or in non-secure locations.
Source: Citadel Group