Emmanuel Marshall 07 September 2018 11:39:45 AEST 5 MIN READ

Business-targeted cybercrime surging in Australia says PWC report

In the last two years, 45% of Australian companies were attacked by online criminals.

That astounding figure is one of the core findings of PWC’s latest report dealing with business cybersecurity.

180906-ingramSpeaking to the ABC about PWC’s findings, Steve Ingram - Asia Pacific Cyber Lead at PwC - said: "technology has been an agent for us in improving the efficiency of our economy. It's also a great tool for organised crime. They use technology to steal legitimate identities and apply that in a fraudulent manner."

The technology Steve Ingram is talking about is off-the-shelf hacking kits being sold on the dark web that include everything a motivated novice needs to mount an effective hacking campaign. "On the dark web, tools to exploit fraud are cheaper than they were 10 years ago," Ingram explained.

Using simple DIY kits, novice hackers can generate email-based fraud attacks that have the potential to yield millions of dollars.

This ready availability of hacking tools is one of the factors in the explosive growth in cybercrime and is motivating dark web vendors to supply an endless stream of new crime tools.

PWC’s data presents a picture of Australian companies engaged in a constant struggle to prevent data breach attacks. It’s a “neck and neck race,” Steve Ingram commented. "The thing with crime is that you rarely get ahead of the curve. You just have to keep pace. There's no end game here. We just need to be forever vigilant."


Online fraud a challenge for companies

Speaking at a seminar hosted by PWC and MailGuard earlier this year, Steve Ingram noted the alarming growth in online fraud and stated that it’s not a problem law enforcement can solve. “No one organisation, no one government can do it; we need everyone working together,” he said. “This is a business issue and it’s one that we need to move on pretty quickly.”

It isn’t only smaller companies that are grappling with cybersecurity preparedness. Large corporations are also expressing grave concern about cyber-threats.

When PWC conducted their CEO survey in 2017, 24% of executives rated themselves “extremely concerned” about cyber-threats. In the 2018 survey, that figure nearly doubled to 40%. Cyber-threats now outstrip technological change, increasing taxes and social instability as a source of boardroom anxiety.


Better defences needed

Angus Taylor MP, formerly Australian Minister for Cyber Security, said in an interview that nearly 90% of small to mid-size businesses are relying on PC-based antivirus software to keep their data systems safe. But conventional virus protection gives companies no defence against the sort of email fraud attacks that are now so prevalent. He noted that poorly defended companies are exposing themselves to severe risk.

“Businesses often find it hard to recover after a cybersecurity incident,” he said. “When small businesses experience a significant cyber breach, 60% will go out of business within six months."

Australian companies, especially small to mid-size businesses, need to implement better security practices. PWC’s Steve Ingram says that the security deficit is partly because there is complacency among businesspeople, who underestimate the true severity of the threat.

"A lot of organisations, individuals as well, think this will happen to someone else and that it won't happen to them," Steve Ingram said.

"While there's a cost for preparedness, the cost of doing nothing is even greater."


Stopping online crime

The explosive growth of email-based fraud requires a multi-layered approach to security that includes software, staff training and cloud-based email filtering.

If you would like to learn more about cybersecurity preparation, please download the e-book Surviving the Rise of Cybercrime. It’s a plain English guide explaining the most common threats, and providing essential advice on managing risk.


“Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.” - Rob Sloan, Cybersecurity Research Director, Wall Street Journal.

You can download your copy of Surviving the Rise of Cybercrime, here.