Cybercrime is on the rise with a 42 per cent increase over four years according to the NSW Bureau of Crime and Statistics Research. There were 11,389 reported incidents of cybercrime between 2019 and 2020 compared to 16,130 between 2021 and 2022. Fraud has seen a substantial increase, rising by 95 per cent from 2019 to 2022.
Head of Telco Technology at AGL Taylor Newnham said cybercrime has significantly impacted major companies such as AGL.
“While cybercrime has been around for decades, over the past three to five years we have seen significant movement in this area,” Ms Newnham said.
“I doubt that there is any telecommunications user within Australia that didn’t hear about the Optus breach. While this may have been the most publicised, Optus was not the only company impacted by Cybercrime in 2022.”
The Australian Signals Directorate Cyber Threat Report 2022-2023 said large businesses lost an average of $71,598 to cybercrime-related incidents in the 2022-2023 financial year. This amount has continued to increase over the past three years. Medium-sized businesses suffered the largest loss at an average of $97,203 during that period.
Ms Newnham said this increase in cyberattacks is requiring companies to shift towards detection and prevention techniques.
“There are hundreds of high-quality tools available to organisations that will provide different levels of protection based on their needs, and of course, their ability to pay,” Ms Newnham said.
She also stressed the importance of organisations in training their employees on the risks of cybercrime.
“In my opinion, you need to invest the time and resources into making training and awareness relatable, understandable, and fun while really focusing on the facts and what to look out for,” Ms Newnham said.
“Gamifying this type of training can increase participation levels and help with information retention and understanding.”
Telco Cyber Analyst at AGL Josh Saunders said there are various protective measures organisations can implement to enhance their security.
“Regularly updating your systems, using unique logins for each system that you use, using a password manager to create unique and complex passwords, enforcing the use of multi-factor authentication wherever possible, and performing regular backups,” Mr Saunders said.
Mr Saunders also advised that companies should refer to the Australian Cyber Security Centre’s Essential Eight which breaks down cyber security prevention techniques into eight simple categories.
