Australian Cyber Defence

17/07/2024

🔒 Creating a strong password is your first line of defense against cyber threats. Protect your personal information by using complex, unique passwords.

For more information, visit us at australiancyberdefence.com.au
💻🛡️

07/07/2024

🔒 One key reason cybersecurity is essential for small businesses: it safeguards sensitive data and prevents costly cyber attacks. Learn more at australiancyberdefence.com.au 🌐

30/06/2024

🔒 Managing your passwords can seem daunting, but it’s your first line of defense against security breaches. Now is the time to change your passwords and protect your information! 🔑✨
Visit us at www.australiancyberdefence.com.au for more information.

Also go to www.haveibeenpwned.com to check if your credentials have been part of a big data breach, like Medibank or Optus.

23/06/2024

🔐 Preventing cyber-attacks in offices involves a multi-layered approach that combines technology, policies, and employee awareness. Here are some effective strategies to help secure your office environment. 🤝

🌐 For more information, visit us at www.australiancyberdefence.com.au

18/06/2024

By understanding these threats and implementing robust cybersecurity measures, SMBs can significantly reduce their risk of falling victim to cyber attacks. 🛡️🔒

🌐For more information, visit us at australiancyberdefence.com.au

12/06/2024

The amount of data that real estate managers require from their tenants is bordering on the obscene. In very recent memory, a russian was selling 18,000 lines of Australian Data, including:

- Names
- Addresses
- Driver’s licences
- Landline and mobile numbers
- Emails
- Employer and occupation details
- Bank account numbers and BSBs
- Length at (current?) residence
- Employer address
- Work phone numbers
- Employment verification number
- Monthly income
- Length of employment
- Months with bank
- Email details

If you are going to hold this level of information, it is YOUR responsibility to keep it safe. You cannot simply throw your hands up and say "well, our IT support handles that stuff". Ask them the question 'how are we protecting our clients data' TODAY, don't wait until you have the government breathing down your neck. If they get evasive, or make some grandiose claims without anything to back it up, it might be time to think about getting a new provider.

If you work in real estate, but you're getting pushback from leadership, remind them that under the Privacy Act (1988) APP 11, directors are personally liable if they fail to properly protect sensitive data. That means the DIRECTOR is the one paying the fine and getting questioned by the OAIC, not their organisation.

I'm available for free 30 minute consults, drop me a line if you want some guidance on having that conversation: https://calendly.com/lukemarsden/30min

https://www.abc.net.au/news/2024-06-11/tica-virtual-manager-rental-database-privacy-breach/103902856

The Australian Information Commissioner found TICA's controversial "virtual manager" service, which allows real estate agents to track tenants indefinitely, was subject to the same restrictions as the company's formal tenancy blacklist.

04/06/2024

18,000 lines of Australian bank account details, as well as driver’s licence numbers, have been put up for sale on the dark web.

Bank details up for auction include account numbers, BSBs, and a long list of employment data.

26/05/2024

🛡️ Teaching employees about all of the ways that data breaches happen could make them more vigilant and safeguard the company better.

For more information, you can visit us at australiancyberdefence.com.au

24/05/2024

💸 Heads up! Did you know the average cybercrime incident costs Australian SMBs $46,000? Don't worry, we're here to help! Australian Cyber Defense is your partner in keeping your business, clients, and reputation safe. Let’s stay secure together! 🔒

You may visit our website at australiancyberdefence.com.au to schedule an appointment or by calling 300 100 288.

24/05/2024

There is a new statement out from the Privacy Commissioner on the . Still very light on details...

Read the OAIC’s media statement about the data breach involving MediSecure.

23/05/2024

Another day, another and attack on an Australian company. This time, it's a printing company known as "Advance Press".

Ransomware gangs are increasingly opting for a 'double extortion' approach, both encrypting the victims files and exfiltrating sensitive data. "Pay the ransom, or we'll leak the data, potentially causing massive reputational damage and incurring government fines. Oh, and we'll also unlock all your files so you can stop bleeding income."

This is in response to a push by industry and cyber-insurance companies to ensure that critical data is properly backed up and able to be restored. Who's going to pay your ransom demands if the victim can quickly and effectively restore their data?

Of note is that the leaked files go back all the way to 2010. That's 24 years worth of data, why on earth would you keep it for that long!

I emplore you, dear readers, please have a look and see exactly what data you're holding on to. If there isn't a need to keep it for regulatory reasons, either destroy it or put it somewhere that isn't accessible from the internet.

Data extortion group Ransom House has listed printing company Advance Press on its dark web leak site, claiming to have stolen company data.

16/05/2024

Another day, another major Australian healthcare organisation getting breached!

No details as of yet, but:

a) Them using the language "ransomware data breach incident" makes me think that their systems are down AND sensitive data was exfiltrated.

b) the fact that there is a 'whole-of-government' involvement leads me to believe it's very high on the whoopsie scale.

Is this another Medibank? Who knows, but events like this tend to drive legislative change so watch this space.

Australia’s National Cyber Security Coordinator has said they are working on a “whole-of-government response to this incident”.