With National Cyber Security Week recently passed, and some high-profile online security breaches making international headlines, brands in Australia are being warned about the implications of turning a blind eye to the issue. ANDREW JENNINGS asks whether the concern over cyber crime is genuine, or just a piece of scaremongering by the authorities.
Late last month, Commonwealth Bank chief exexutive Ian Narev told the Group of 100 congress of leading finance executives that the threat of a cyber attack is one of his biggest fears.
“The security of our perimeter and our ability to understand what sorts of things people might try to do, what sorts of ways they could put our relationship with customers in jeopardy, is something we worry about all the time,” Narev told the meeting in Sydney.
His comments arrived the morning after the night before.
The ABC’s Four Corners program the previous day featured a report that alleged that the designs of the Australia Security Intelligence Organisation’s (ASIO) new Canberra headquarters had been leaked to foreign powers – in particular, the Chinese.
Not only that, Four Corners reported that details of ASIO’s communications cabling, server locations, floor plans and security systems had also been pinched.
While Prime Minister Julia Gillard and Foreign Minister Bob Carr reached for the diplomatic panic button – with the former describing parts of the report as inaccurate – it was clear the business community had been spooked.
Last year, the World Economic Forum’s Global Risks Report stated that cyber attack is one of the top five global risks facing business leaders. And Twitter recently unveiled technology to boost security for its users, following a number of cyber attacks on the accounts of leading media outlets, including the Associated Press and the Financial Times.
Despite certain strands of paranoia seeping into recent pieces of commentary around the issue of cyber security, particularly the Australian Government’s odd obsession with secrecy, the pivotal point of note for brands in Australia is that they continue to overlook the rudimentary basics of IT security.
This includes the simple measures of resetting passwords, keeping confidential material off servers and updating software. “The key thing to remember is that hackers will always target the weakest link,” says Craig Searle, operation director for BAE Systems Detica.
“And at the moment, there’s a realisation in the hacking community that social media tends to be poorly secured, operated by people that are not IT security experts, and therefore tend to fall into common mistakes when it comes to password security or account management.”
According to the Department of Broadband, Communications and the Digital Economy, 67% of Australian internet users admit that they don’t change their passwords regularly.
On top of this, 43% of internet users believe that someone else knows at least one of their security passwords.
Three in five internet users aged over 55 access Wi-Fi at home, with half still using the default password, no password or not being aware if they have one. Jason Chuck, managing director of the Australian arm of international online dating giant eHarmony, warns: “For all their schemes, fraudsters are dependent on you providing them with information.
“At some point, you have to give them access, details, or give them money, before they can commit their fraud.”
Although eHarmony can boast its own dedicated cyber security team, it is also very much reliant on its members alerting the team to suspicious activity.
BAE Systems Detica’s Searle says that for brands using social media, protecting themselves against hackers and spammers is crucial. He argues that companies risk losing their customers if problems are not resolved quickly, and he warn that a brand’s reputation can be seriously – and quickly – compromised by damaging cyber attacks.
“It can have some fairly devastating consequences for your brand, depending on how reliant you are on social media for brand awareness,” he says.
Twitter under fire
In the case of Twitter, it has come under fire over the past year for failing to offer what is known as “two-factor authentication”, amid several breaches of high-profile accounts, including a fake tweet about a White House explosion sent from the Associated Press account, which briefly spooked the markets.
Twitter, a service that is widely used on a daily, if not hourly, basis by consumers, political activists, advertisers and news outlets around the globe, responded to this by rolling out an optional ‘login verification’ service for users, designed to put a stop to hackers seeking to access accounts by using stolen passwords.
Searle adds: “Social media is a risky environment for brands to operate in. “Twitter and other social media channels tend to be run by marketing or communications professionals without any involvement from the IT security department.
These marketing and communications teams may not necessarily be aware of the security implications behind the systems.
“Social media professionals should, therefore, be trained to understand the inherent risks of social media platforms and how to protect and secure these channels.”
Searle suggests that many brands believe it is simply a case of getting a social media account open and running.
Brands don’t give enough consideration to what the implications of security breaches to these accounts could be.
“Everyone is very focused on getting their brand awareness out there, but many don’t have a system in place when things go wrong and they get hacked,” he concludes.
Sarah Mason, PR and brand manager at eHarmony, says that it’s continually difficult for companies to stay one step ahead of the hackers, who are changing their methods and learning new tricks every day.
“You can take precaution after precaution, but unfortunately, just as security measures are changing and getting better, hackers are changing and becoming different,” she says.
Mason adds: “However hard you work at guarding your brand, there’s always a chance that someone is going to get through.”
Please login with linkedin to comment
Locked down Victorians who don’t currently have an Optus Sport subscription will have complimentary access to Optus Sport from this weekend to enjoy the UEFA Champions League tournament plus access to premium health and fitness content through the Optus Sport app. UEFA Champions League – the world’s premier continental football tournament – kicks off at […]
Torrens University Australia has launched ‘Career Crush’ via VCCP Sydney and Lash, to help match students with a career they’ll love. Career Crush is an online quiz that determines prospective students’ personal strengths, passions and aspirations to match them with the careers and courses they’re most compatible with. One of the toughest decisions young people […]
Pedestrian Group has partnered with Nine subsidiary Mi9 New Zealand to offer NZ brands the opportunity to partner with the likes of Business Insider Australia, Pedestrian.tv and Gizmodo Australia. Next month, Mi9 New Zealand will be representing Pedestrian Group in the NZ market, offering clients the opportunity to work with leading youth publications including Lifehacker […]
ViacomCBS Networks International (VCNI), a division of ViacomCBS, is launching a premium streaming service internationally, appealing to audiences of all ages. The new SVOD service will start its international roll-out early in 2021, offering exclusive premieres of all new SHOWTIME series, including Halo and American Rust. CBS All Access originals will also premiere exclusively on the new service, such […]
As part of a larger project to refine their brand with partner branding agency Re, Optus have engaged experimental creative studio FutureDeluxe to explore how the iconic ‘Yes’ brand mark behaves in a sophisticated 3D environment. FutureDeluxe have produced a series of 8x idents and a number of static key visuals which will be used […]