Cyber incidents and why they’re similar to weather events
“Organisations undergoing digital transformation, particularly in healthcare, will be the most at risk unless they can combine cybersecurity upskilling and outsourcing with behavioural analytics and AI (artificial intelligence) to improve visibility, prevention, and response to cyber threats in 2023 and beyond.”
Last year, Medibank chief executive David Koczkar “unreservedly” apologised to customers after the health company fell victim to cybercrime. Medibank provides private health insurance and health services to nearly four million people in Australia.
“While evasion tactics, ransomware, and BEC (business email compromise) will continue to make headlines, so will blatant extortion,” noted BlackBerry. “The high-profile 2022 attacks on Medibank and Optus in Australia were not ransomware, but nation-state criminals stealing credentials or using open APIs (application programming interface) to unlawfully steal personal data for financial gain.
“Regardless of the extremely questionable motivations of such threat actors, unless Australia is adequately protected, we are fair game – and this kind of trend is set to continue.”
BlackBerry’s cybersecurity predictions for 2023 include increased attacks on hospitals and healthcare organisations; the evolution of evasion tactics; and the widening of the cybersecurity skills gap. Software supply chain attacks, described as among the most destructive, are also under the spotlight, as well as quantum computing and how it might impact cybersecurity.
The firm highlighted: “New BlackBerry research found that four in five IT (information technology) decision-makers have been notified of an attack or vulnerability in their supply chain in the last 12 months. It also revealed in the last year that 80% of companies in Australia were notified of a vulnerability or attack within their software supply chain.
“Compared to the global average, Australia suffered the highest rates of operational compromise and data loss. It proves cybersecurity must go far beyond vendor trust.”
Last November, the Australian Cyber Security Centre published its third annual cyber threat report, which identified the key trends in the 2021-2022 financial year.
What are your thoughts on cybersecurity? Share in the comments below.