On the 22nd of May 2019, the Australian Catholic University (ACU) has also disclosed a recent data breach, with sensitive staff login information being accessed by unknown attackers. With the logins at hand, attackers were able to access email accounts, calendars and bank details of further ACU staffers. ACU’s bank also notified that there could be fraudulent activity ahead after the attack.
It started from one click on a phishing email.
What could we learn from this breach?
The ACU admitted that the data breach was triggered by one person clicking a phishing email. After the attack, staff and students were advised to stay alert when it comes to phishing attacks by avoiding opening dodgy email links and updating all passwords.
“We also recognise the importance of cyber security awareness for students and staff and are reviewing ACU’s cyber security awareness programs.” Said Dr Stephen Weller, vice-chancellor of ACU.
ACU is clearly the victim of a phishing attack, however, have you thought about that that phishing email actually goes to many other people in other sectors including yours as well? It only takes one employee’s click to cripple an organisation.
Based on this case, we can conclude that Prediction is also vital in the battle against cyber-attackers.
- As cyber attackers are increasingly focusing their attention on people today, no technical defence can 100% stop them, we need to focus on our people as well.
- When it comes to battling against phishing threats, we strongly encourage organisations to deliver regular security awareness training to all your employees, to build your “human” firewall, which has been proven by information security system professionals that this effort pays off.
In this modern world, businesses must improve their overall cyber resilience so they can respond to and recover from a cyber-attack as quickly as possible.
They must engage with cyber professionals to ensure their data, information, and assets are well protected
- Gartner 2019
Regardless of how secure your network is, your users are the weakest link in your network security. Training your employees isn’t a done-once proposition; it must be reinforced regularly over time in order for awareness to transition to understanding and, ultimately, behavior change. Cyber Awareness Training and Testing, one of the solutions from OBT’s Managed Security Service Suite, keeps security front of the mind of your employees in their day to day work.
As CRN Impact Awards winner three years running, OBT has proven to be the Most Trusted System in Cyber Security both 2018 and 2019.