The frequency of cyber attacks is increasing at a rapid rate and perpetrators are smarter and savvier than ever. Both Cadbury and TNT were brought to a halt in June from a ransomware infection. TNT in particular appeared to be have been the most severely affected in Australia with their parent company FedEx providing an indicative loss of $374 million from the incident. It was also indicated that several systems as of September were still not restored and could be permanently lost. TNT also indicated that operations had to be manually handled during the several months following the recovery, with indication that several systems may never be restored.
In October it was found that personal information on some 5000 Australian public servants of the Department of Finance, the Australian Electoral Commission and National Disability Insurance Agency was publicly accessible because of a cloud services misconfiguration.
Additionally the personal information on almost 50,000 private sector employee’s had been insecurely stored on an Amazon cloud storage service (just one of several worldwide over the last few months) and was easily accessible by anyone! This breach was caused by a private contractor who works with both government agencies and the private sector.
This is just a small percentage amoung hundreds of breaches that would have occurred over the last year. The most recent being the highy publicised breach by Uber, although an American organisation; they are very active in the Australian marketplace and it is almost guaranteed that a large percentage of the 57 million driver and customer data that had been stolen in this breach were Australian individuals.
The reality is that cybercrime is estimated to cost Australian businesses of all sizes around $4.5 billion dollars every year with evidence that this trend will only get worse as we become more and more reliant on data and our electronic devices for both personal and business use with everything interconnected via The Internet of Things. Organisations need to adapt as quickly as cyber attackers do and cyber insurance has a role to play in their overall risk mitigation strategies.