As people, business and governments all become more reliant on interconnected computer networks, more economic value is digitised and stored online, making the rewards of cybercrime ever more attractive. From financial crime to theft of personal or confidential business information, cybercriminals have plenty of enticing targets.
It’s also true that as business models go, cybercrime is a winner. The returns are high, the risks are low, and the figures astounding. In fact, the two most common techniques employed by criminals - social engineering, where a cybercriminal tricks a user into granting access, and vulnerability exploitation, where he/she takes advantage of a programming or implementation failure to gain access – are both surprisingly cheap. Yet McAfee estimates the annual cost of cybercrime to the global economy at more than $400 billion.
Cybercrime is now the number one economic crime Australian companies face.
Unfortunately, Australia is increasingly in the firing line. According to a recent report prepared by PwC Australia, 65% of Australian organisations experienced some form of cybercrime in the past 2 years, and cybercrime has now moved from being a statistically insignificant economic crime in Australia in the past six years, to the number one economic crime organisations face.
At the same time, Australian organisations are underprepared. Only 7% said they used any form of sophisticated internal monitoring aimed at detecting and/or preventing loss, yet the losses can be substantial. Ten percent of Australian companies surveyed said that some cyber events cost them in excess of $1 million.
The Australian Cyber Security Centre (ACSC), run by the Federal Government, released a report in 2016 on cyber threats. In it ACSC outlines the types of threats that cyberattacks pose to government, the private sector and critical infrastructure and released data showing which industries have the highest number of cyber security incidents.