The Armoury – October 2024

Welcome to The Armoury 

Cyber threats are getting sophisticated, and the number and style of threats are on the rise. We understand that your schedule is packed, but staying informed about cybersecurity is a top priority. With The Armoury, we've curated the most relevant and important content from trusted sources. Our team handpicks articles, news items, and tips that you need to know, saving you time and effort while ensuring you have the knowledge to protect yourself and your organisation. 

If you ever decide that The Armoury no longer aligns with your needs, you can easily unsubscribe at any time. 

Stay safe. 

Latest Cybersecurity News 

• Report Highlights Need for Enhanced AI and Cyber Skills in Australia. The Australian Computer Society (ACS) has released its tenth Digital Pulse report, emphasising the urgent need to boost skills in artificial intelligence (AI) and cybersecurity. Launched by Deputy Prime Minister Richard Marles, the report notes that Australia’s tech workforce has grown by 60% since 2014, surpassing one million, yet will require 1.3 million workers by 2030. It highlights lagging AI adoption, a significant cybersecurity skills gap, and the need for greater diversity. ACS calls for initiatives like reskilling and awareness campaigns to encourage more Australians to pursue careers in technology, ensuring competitiveness in the global digital economy. Source: Australian Cybersecurity Magazine 
• Woman Scammed Out of $813,000 While Buying a House. An Australian woman lost $813,000 during her home purchase after scammers created a fake email address that closely resembled her conveyancer's, changing just one letter. This clever tactic led her to unknowingly transfer funds to a fraudulent account. The woman became aware of the situation two days later and quickly reported it to her bank and the police. With the efforts of the Australian Federal Police (AFP) and the Joint Policing Cybercrime Coordination Centre (JPC3), she successfully recovered $777,000; however, some funds had already been moved to a cryptocurrency account. Source: 9News 
• Sensitive Data of Australia’s Security Personnel at Risk of Foreign Sale. A new report reveals that sensitive data about Australia’s security personnel, including politicians and intelligence staff, may be sold to foreign actors. The Real Time Bidding (RTB) system in online advertising exposes personal information, making individuals vulnerable to blackmail. Data such as financial status, health issues, and location can be auctioned to companies worldwide, including those in China. This raises urgent concerns about national security. Calls for government action are growing, as the federal government considers reforms to strengthen data privacy rules, although no specific timeline has been announced. 

Cybersecurity Tips & Best Practices 

• Use Decoy Accounts: Create secondary email addresses for less important registrations. This limits exposure of your primary email and helps keep spam at bay. 

• Practice Good Email Hygiene: Routinely delete old emails and unsubscribe from newsletters and services you no longer use. This reduces clutter and helps identify potentially malicious emails. 

• Stay Informed About Emerging Threats: Subscribe to cybersecurity news sources or follow industry experts. Keeping informed about new threats helps you adjust your strategies accordingly. 

Cybersecurity Awareness & Education 

Did you know?  

Malware can Spread through USB drives. Many malware infections occur when users insert infected USB drives into their devices. Always scan external devices for threats before accessing their contents to prevent unwanted infection. 

Cybersecurity FAQ 

How can I identify phishing emails? 

Phishing emails are designed to deceive you into sharing personal information or downloading malware. Recognising these scams is crucial for your online safety. Here are five tips to help you spot phishing emails. 

• Check the Sender's Email Address: Look for slight misspellings or unusual domains in the sender's email address that don't match legitimate organisations. 

• Look for Generic Greetings: Phishing emails often use generic greetings like "Dear Customer" instead of your name, which legitimate companies typically personalise. 

• Watch for Urgent Language: Be cautious of emails that create a sense of urgency or threaten consequences if you don't act quickly, such as "Your account will be suspended!" 

• Examine Links Before Clicking: Hover over any links to see the actual URL. If it looks suspicious or doesn't match the supposed sender's website, don't click it. 

• Be Wary of Attachments: Avoid opening attachments from unknown or unexpected sources, as they may contain malware or harmful files. 

Cybersecurity Events 

BSides 2024 

Date: 09 November 2024 

Location: Macquarie University Cyber Security Hub, Building M, See St, Meadowbank NSW 2114, Australia 

Register Here 

Australian Cyber Conference 

Date: 26-28 November 2024 

Location: Melbourne, Australia 

Register Here 

Cybersecurity Trivia of the Month 

In the 1960s, the term "hacker" originally referred to individuals who were passionate about exploring and improving computer systems. These early hackers were often seen as innovative problem solvers and enthusiasts who sought to understand technology deeply. Over time, however, the term evolved, and it now often carries a negative connotation associated with cybercrime and malicious activities. 

Recent Cyberattack 

Major Australian Mechanic Ultra Tune Suffers Alleged Cyber Attack 

On 18 October, the Fog threat group listed Ultra Tune, a major Australian mechanic and roadside assistance franchise, on its dark web leak site, claiming to have stolen three gigabytes of sensitive data. This data includes personal employee details, customer contact information, and internal records such as driver’s licenses, passports, and medical certificates. The specifics of the cyberattack are unclear, and it may not be a typical ransomware incident. This breach marks a shift for the Fog group, which has previously focused on quick attacks without operating a leak site. Alongside Ultra Tune, the group has also listed two other organisations, raising concerns about cybersecurity in Australia.  

Cybersecurity Meme of the Month 

Sign up for our The Armoury to get the latest updates on Cybersecurity first-hand via email. 

#itbusiness #technology #cybersecurity #cybersecuritytips #cybersecurityupdates #innovation