Cybersecurity Awareness Month is an initiative where government agencies and private industries collaborate to raise national cybersecurity awareness every October. The month is dedicated to sharing resources to educate business leaders and IT decision-makers on the new threat landscape, implementing best practices, and fraud-tackling strategies.
Cyber.gov.au announced the first week's theme is 'Have you been hacked?' With the recent Optus data breach, consumers are worried whether their information can be used against them to commit payment fraud or if fraudsters are potentially going to carry out further attacks on other businesses.
This blog explores how to detect warning signs if you suspect your sensitive information has been compromised.
How Do I Know If I've Been Hacked?
With the current threat landscape rapidly evolving, sophisticated cybercriminals are targeting businesses from all angles. It is crucial that you stay aware and up to date on the types of techniques fraudsters use to identify if your organization has been compromised.
Sometimes, a data breach can be obvious. Other times, it is more deceptive. Here are key indicators to look out for:
1. Unauthorised Transactions & Bank Activities
It is no surprise that most cybercriminals' main motivation behind their attacks is financial gain.
One clear indicator to know if your business has been infiltrated is if you identify unauthorized transactions and unusual bank activities. It may be obvious to spot that large funds have disappeared from your business account.
However, for SMEs, it could be unknown that a hack took place if perpetrators discreetly withdrew insignificant amounts. If you suspect your financial information has been compromised, there are a few things to look out for:
Duplicate payments
Suppliers with cancelled or returned checks
Abnormal invoice volume activity
Rounded invoice amounts
Transferring funds to an unknown BSB and account number
Unknown created business accounts
Accounts payable (AP) departments should ensure that all transactions are visible and transparent to minimize the risk of payment fraud. A good tip for organizations is to conduct external audits annually to detect and eliminate fraud such as false billing schemes, expense reimbursement schemes, and check tampering.
2. Unusual Account Behaviour or Suspicious Logins
Another indicator is if you identify unusual account behavior on accounts like unusual granted permissions or unknown users. For instance, you might not be able to access your ERP account, bank account, invoicing software, or email account using your username and password.
The tactic behind the attack is to gain access to sensitive files including personal information, phone numbers, credit card details, or email addresses while locking you out to restrict your access.
If the information has landed in the hands of the attacker, they may attempt the following:
Business identity theft
Defraud your organization
Commit Ransomware to return stolen data
Sell data on the dark web
Share data with other dangerous organized criminals
Organizations should be quick to act if they have been compromised. If you fall victim to a data breach then it's crucial you act immediately and follow your data breach response plan.
3. Unexpected Software Installs & Malware
Another sign of a data breach is if you identify any unexpected software installed on your work device such as laptops, tablets, or mobile devices. This is referred to as potentially unwanted program (PUP) which includes spyware, adware, or keyboard loggers.
PUPs typically appear when downloading a new program and going through the installation process impulsively. In addition, malicious software (malware) is a continuous method attackers use to infiltrate your organizational network through fake email attachments or visiting a fraudulent website.
Malware is a notorious method that can be delivered in several forms depending on the intention of the hacker who orchestrated the attack. Malware types include:
A computer virus designed to reproduce itself and spread across files or programs
A Trojan horse designed to damage, disrupt, steal or in general inflict harmful action on your data or network
Much like a computer virus, a computer worm that spreads across networks as opposed to a virus that spreads across files
Why Do People Hack?
Cybercriminals have various motives as to why they commit fraudulent activities. To reinforce this, organizational data is valuable information to criminals. This means that organizations of all sizes can be potential targets for falling victim. We explore five primary reasons why fraudsters target enterprise businesses:
Financial Gain
It is no surprise hackers' primary motivation is to defraud your organization through payment fraud schemes. Hackers will often target small-to-medium enterprises due to the lack of sophistication in cybersecurity controls of the business. The effort involved in targeting SMEs is minimal, having cybercriminals work less to achieve the same level of cyberattack.
For organizations, severe consequences occur in the aftermath of a cyberattack. For instance, once a cybercriminal has infiltrated your organization’s network or deceived your AP’s department, they may generate duplicate credit cards or steal the identities of victims to sell on the dark web.
Vulnerability Scanning
Another objective for cyberattacks is vulnerability scanning. This act involves hackers identifying security vulnerabilities by inspecting potential entry points that they can exploit on a computer or network.
Unlike penetration testing, vulnerability scanning allows criminals to plan & target low-hanging fruit because of the lack of education and resources of an organization. As a result, this tactic can lead to business identity theft, malware, or ransomware.
Religious, Political or Social Beliefs
Hacktivism is the act of hacking or infiltrating a network system with religiously, politically, or socially motivated purposes. According to Cyber.gov.au, hacktivists may target organizations using techniques aimed to cause disruptive or destructive harm. This can result in collateral effects on organizations beyond the primary intended targets.
Primarily, hacktivism is carried out by an individual or group’s perception of what they consider to be fair or unjust. An example of a real-world hacktivist group is identified as “Anonymous."
Anonymous is behind some of the largest hacktivist attacks in history, with 2022 seeing the group declare cyberwar on the Russian Ministry of Defence. Despite government efforts, organizations should be aware of hacktivists and the business disruption they may bring.
Espionage
Corporate espionage, also known as industrial or economic espionage, is a form of espionage conducted for commercial purposes. The purpose of corporate espionage is to achieve a competitive advantage in the marketplace by performing improper or unlawful theft of trade secrets or other knowledge.
Both governments and private organizations can be victims of espionage; however, the motivation behind the hacker to commit espionage is dissimilar. Typically, governments are compromised due to state secrets whereas private organizations are compromised to seek trade secrets.
CFOs Must Take Ownership of Their Cybercrime Strategy
With the increased cybersecurity threats landscape involving deep fakes, business email compromise, and malware, CFOs must be involved in every stage of their organization’s internal cybersecurity conversations, planning, and execution.
During this year’s cybersecurity awareness month, AP departments can increase their security awareness training so that they are more equipped to identify potential attacks and respond with the appropriate action.
Taking a step further in strengthening security controls and staying secure online is having Eftsure sitting in your accounting function. You can identify errors, fraud, and fraud attempts before releasing funds by verifying the bank account name, BSB, and account number.
