Security Market Segment LS
Thursday, 27 February 2020 02:20

Business email compromise Australia’s ‘most prevalent’ security threat Featured


Business email compromise (BEC) was the most prevalent security threat in Australia in 2019, accounting for 23.6% of global attempts and placing Australia in the top two countries with the most attempted attacks - and with the healthcare sector globally remaining the most targeted industry.

Australia also landed in the top five countries with the greatest number of malware detections, with over 20 million detections blocked in 2019, according to cybersecurity firm Trend Micro in its 2019 security roundup report released on Wednesday.

Ransomware continued to be a mainstay cyber threat last year, according to the Trend Micro report, with globally the security firm discovering a 10% increase in ransomware detections, despite a 55% decrease in the number of new ransomware families.

The healthcare sector remained the most targeted industry globally, with more than 700 providers affected in 2019 - while in Australia, a number of Victorian hospitals fell victim to ransomware attacks in 2019, forcing the healthcare facilities to go offline entirely.

“The ramifications for the healthcare sector are particularly detrimental as legal constraints come into play. Often medical systems are managed by third parties and upgrading OS/patch systems requires a repeat in clinical trials to remain compliant, which can sometimes take years to complete,” says Trend Micro.

“Digital transformation has been a business buzzword for decades, and the concept has yielded very positive results over time. But security is often an afterthought, which leaves digital doors wide open for cybercriminals,” said Dr Jon Oliver, Director and Data Scientist, Trend Micro.

“Despite the prevalent ideals of digital transformation, lack of basic security hygiene, legacy systems with outdated operating systems and unpatched vulnerabilities are still a reality.

“This scenario is ideal for ransomware actors looking for a quick return on investment. As long as the ransom scheme continues to be profitable, criminals will continue to leverage it.”

Trend Micro’s report notes that to improve the ransomware business process, alliances between ransomware groups were formed in 2019, demanding millions of dollars in ransom.

Trend Micro also notes that it tracked a rise in the “access-as-a-service” trend, in which criminal groups rent out or sell access to company networks - and that this service ranges in price from roughly A$4,500 to A$31,000, with the most expensive offering including full access to a company’s server hosts and corporate virtual private networks (VPNs).

“Known vulnerabilities remain key to successful cyber attacks, including ransomware. In 2019, Trend Micro’s Zero Day Initiative (ZDI) disclosed 171% more high severity vulnerabilities than in 2018 on a global scale,” says Trend Micro.

“The criticality score reflects the likelihood of these flaws being leveraged by attackers, so high severity bugs are more likely to be weaponised and the patches should be prioritised.

“To protect against today’s threat landscape, Trend Micro recommends a connected threat defence across gateways, networks, servers and endpoints.

“Additionally, these best practices can increase a company’s security posture:

  • Mitigate ransomware with network segmentation, regular back-ups and continuous network monitoring.
  • Update and patch systems and software to protect against known vulnerabilities.
  • Enable virtual patching, especially for operating systems that are no longer supported by the vendor.
  • Implement multi-factor authentication and least privilege access policies to prevent abuse of tools that can be accessed via admin credentials, like remote desktop protocol, PowerShell and developer tools.

Subscribe to Newsletter here


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.



It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.


Peter Dinham

Peter Dinham - retired and is a "volunteer" writer for iTWire. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).





Guest Opinion

Guest Interviews

Guest Research & Case Studies

Channel News