Companies have their work cut out ensuring consumer data isn’t falling into the wrong hands. Luke Frost from Digital Data Communications explains how.
Every business, whether large or small, needs to have a customer-facing website these days, and in the 12 months to May 2014, Australians spent $15.3 billion on online retail sales, reports Australian security services company Seccom Global.
While this level of online activity is great for commerce in Australia, it also brings with it a host of problems – potentially very damaging ones. Marketing companies and web developers know that a website needs security, but many do not understand the depth of online threats that exist, and the ever-evolving complexity of attacks.
Regardless of whether a website sells directly to the public, or simply exists as a tool to host marketing information and contact details, an attack can be disastrous to business credibility and continuity. Imagine a client happily selling from the web one minute, then having to contact an entire customer base and explain that their security has been compromised. Payment details may have fallen into the hands of criminals, a foreign entity may be blackmailing the company or simply there has been a malicious attack and sales can’t continue as the online inventory is down.
Such a large target as Australia’s online business will inevitably be tempting to all manner of cyber criminals, and the sophistication of today’s hackers makes websites increasingly vulnerable. Most websites have a basic level of protection, usually in the form of a firewall at the domain of their host. However, a firewall is often a poor defence against modern attacks, leaving websites open to theft and fraud, which is severely damaging to a company’s reputation and business.
Attacks can take many forms, and are constantly evolving in size, scope and complexity. DoS or Denial of Service attacks are designed to disable a network or a network resource by consuming available resources and thus disabling legitimate user access. There are two general forms of DoS attacks: those that crash services and those that flood services so that normal business operations cannot continue.
Ransomware is the terminology used for software that infects a victim’s network, and then demands a ransom in order for hackers to unlock it. Cryptoware and Cryptolocker are two common examples of this form of attack.
Another form of cybercrime is the ‘waterhole attack’, where the attacker will gather strategic information about a business, such as trusted websites often visited by employees, then insert an exploit into the selected site. Victims will visit the compromised site and unintentionally download malware such as Remote Access Trojans, allowing the attacker access to confidential information or to take control of vulnerable systems.
Phishing, identity theft, triangulation attacks, botnets, zero-day attacks – there are many more dangers lurking in the cyber world, and Australian businesses need to be vigilant in order to stop them. A plan, a top-line defence and a strategy for reporting potential hazards to the authorities are all essential in order to preserve a stable business and customer trust.
Michael Demery, one of Australia’s leading data security experts, said: “Imagine what an attack could do to your business. Aside from leaving customers open to potential credit card and identity theft, the very fact that your resources were attacked could be very damaging to the company’s reputation. Being the source of a damaging and debilitating attack could cause endless headaches, and take a long time to recover from.”
When focusing on protecting a website it is important to recognise that all sites are different. A business website can be as simple as a single static HTML page with no dependencies, through to complex sites utilising multiple operating systems and software applications working in synergy with each other.
A firewall working alone is simply not enough protection these days. Businesses in Australia need a security plan, some basic form of risk assessment, a strong, dedicated online security provider and a means of telling the proper authorities when an attempted attack takes place.
A Managed Security Services Provider (MSSP) can offer far greater protection to a business, as well as providing invaluable reports on where attacks are coming from. With the dangers becoming ever more sophisticated, risking business continuity by leaving things to chance simply isn’t a wise option any more.
Guard against attack…by planning ahead. Make sure you are on top of the following:
- Educate yourself and users of the potential risks
- Understand your responsibilities
- Monitor and manage any potential incursions
- Implement strong password and encryption technologies
- Invest in Tier 1 security tools and systems to protect your site
- Work with security focused service providers
- Report any incursions promptly to the correct authorities
ING Australia has taken on a new tagline, ‘Do your thing’, with the new brand direction articulating the bank’s approach to being there, alongside its customers, as they go about doing the things that matter most to them. ING’s head of brand Carly Yanco said: “We’ve just lived through a year where the everyday things […]
Australia’s media agency market has reported softer advertising demand in January as the delayed Australian Open and the continued impact of COVID 19 briefly interrupted the market’s COVID recovery. Total media agency ad spend was back 7.3 per cent in January as the Metropolitan TV market – our largest media sector – reported a 5.3per […]
Media strategy specialist Slingshot has won the strategy, planning and buying account for Masterpet, and Endeavour Consumer Health. Masterpet owns pet care brands Black Hawk, VitaPet and Aristopet, while Endeavour Consumer Health includes brands like Red Seal, Pharmacy Choice and Faulding. Slingshot CIO and Partner Simon Corbett (pictured) said that winning the two businesses was […]
Leading South Australian ageing care provider ECH (Enabling Confidence at Home) is shining a light on the need for Australians to talk openly about death with their family members and loved ones to ensure any specific wishes or choices can be fulfilled. Australia faces a significant societal challenge as death continues to be a subject […]
You might have noticed a colourful scoreboard sitting on the B&T homepage this month. Well, allow us to formally introduce ourselves – and it. We’re Zavy. And we believe in the promise of social media: brand building by two-way engagement and rich communication. What does this have to do with a scoreboard? We all […]
Full service agency Apparent has expanded its dedicated media division with the appointment of Phoebe Chan as head of media and advertising operations and Jaclyn Ely as client partner, media. Headed by former Naked Communications and Ikon executive John Halpin, Apparent’s media division has seen 88 per cent growth over the past 12 months across […]
Identity Graphs have emerged as a way to bring customer data together in a centralised place. But when it comes to marketing and discovering new audiences, this technology is about so much more than collating data, explains smrtr’s co-founder and CTO Boris Guennewig. Identity on the internet is a multi-faceted phenomenon. It might exist in […]
In this opinion piece, Jess Miles, Country Manager ANZ of Integral Ad Science, reflects on the questions surrounding consumer data. The ability to collect consumer data online has revolutionised digital advertising by enabling customised targeting strategies and data collection. This reliance on data has been the cornerstone of many audience targeted strategies enabling marketers to […]