MailGuard Blog

Compromise can happen to anyone. It’s no longer a case of ‘If a cyberattack hits my business’ but ‘A cyberattack will hit my business’. We have come a long way from the thinking that only certain types of businesses (or business functions) could be the recipient of a cyberattack. Most security professionals now assume that a breach is inevitable and prepare accordingly.

We all use passwords. In fact, we need them to access almost any online device. They are the key to retrieving sensitive data, whether it be online banking, classified company documents or social profiles, such as LinkedIn. They’re the first line of defense to protect crucial information, and often the most vulnerable. It’s not surprising then, that cybercriminals often create phishing scams to steal password credentials in order to procure data for use in criminal activity.

As I write this, the threat of Ransomware is rapidly on the rise. So much so that the Australian Federal Police has formed a task force - Operation Orcus - following in the footsteps of the US Government, in an attempt to combat the specialised criminal infrastructure that is wreaking havoc across large scale organisations here and globally. High profile victims such as Nine Entertainment, JBS and Uniting Care, along with the recent Kaseya interception have been making headlines and may continue to do so without superior intelligence targeting organised crime groups.  

“By any measure, 2020 was the worst year ever when it comes to ransomware and related extortion events. And if we don’t break the back of this cycle, a problem that’s already bad is going to get worse.”

- Acting Deputy Attorney General John Carlin, the United States Department of Justice (DOJ), April 2021

Your business data is being held hostage, encrypted with only your attackers holding the keys. So, do you pay up the ransom, or try to recover without handing over company profits to cybercriminals?

In a year we would all rather forget; an unfortunate side effect has been a rise in ransomware incidents and opportunistic cyber-attacks. Our current situation has been unexpectedly thrust upon us, forcing a rapid change to our ways of working, and a more vulnerable remote workforce. One positive that’s close to my own heart though, is a growing awareness of cybercrime, and a shared responsibility across the entire organisation from the Board and the CEO, through to the front line, to boost cyber resilience.

If your company has been hit by a ransomware attack, would you pay the ransom?  

As the COVID-19 crisis continues to unfold, new reports showcasing the good, bad and ugly side of tech continue to emerge every day. The world applauded when mobile device monitoring was enlisted to enforce self-isolation, but it was also horrifying to see cybercriminals setting up fake websites offering fraudulent Coronavirus vaccines.  

Recently, we have seen a surge in cyber-attacks that are capitalising on fears around COVID-19, like this scam intercepted by my team at the end of February, and wider media reports like this one with cybercriminals creating thousands of illegitimate Coronavirus-related websites on a daily basis. 

Q&A with Craig McDonald, CEO & Founder, MailGuard

On March 11, the World Health Organization declared COVID-19 a pandemic. Two weeks on, and we are seeing technology at its best and worst. Technology is all around us, and as business leaders and tech partners, we understand its power – for good and evil. Here’s a quick look at just a few of the ways that tech is being enlisted during the current crisis.

This week has been a challenging time of transition, not just for our team at MailGuard but for many organisations around the world. Implementing social distancing, switching to a remote workspace, modifying our regular routines and trying to create new health and hygiene habits can really take a toll on our mental health.

As many of you know by now, logistics giant Toll Group was in the news last week after they were hit by a ransomware attack called Mailto. This attack is usually delivered via an infected email, that was most likely clicked on by an unsuspecting employee which then infects systems running on Microsoft Windows, encrypting files and leaving a ransom note on-screen. The note says that the only way to get the files back is by paying a ransom in Bitcoin.  

Like many of you, I read the news that Toll Group confirmed that it is the victim of a “targeted ransomware attack.”

Popular coffee brand, FiveSenses, is the subject of the latest email scam. In yet another example of how cybercriminals attempt to brandjack trusted, well-known and familiar brands, the email includes a ‘Payment Advice’ in an attempt to trick coffee lovers, restaurant and café owners to investigate further.