Story image

Phishing leading cause of data breaches across Australia

Phishing attacks have been revealed as the primary cause of data breaches in Australia, with new research from Carbon Black reporting phishing attack-related breaches were highest in government and local authorities, followed by organisations in financial services and manufacturing and engineering.

Carbon Black's Australian Threat Report, in its second year, surveyed 250+ CIOs, CTOs and CISOs across Australia. 

The report found 97% of Australian organisations reported suffering a data breach during the past 12 months, while 90% of Australian organisations reported an increase in overall attack volume in the past 12 months.

According to the research, 89% of Australian organisations said cyberattacks have grown more sophisticated. Moreover, 98% of Australian organisations said they have IT security concerns around digital transformation projects and 5G network rollout.

Eight six percent of Australian organisations said they are more confident in their ability to repel cyberattacks than they were 12 months ago, and 93% of Australian organisations said threat hunting has improved their defenses.

The report also says 96% of Australian organisations said they plan to increase their security budgets over the next year.

“As we analyse the findings of our second Australian Threat Report, it appears organisations are adjusting to the ‘new normal’ of sustained and sophisticated cyberattacks," says Rick McElroy, head of security strategy, Carbon Black.

"Greater awareness of external threats and compliance risks have also prompted organisations to become more proactive about managing cyber risks as they witness the financial and reputational impacts that breaches entail," he says.

Phishing attacks were found to be the prime cause of breaches in Australia, at 27%. McElroy says this indicates hackers are targeting the weakest link in the security chain – end users.

The report found phishing attack-related breaches were highest in government and local authorities at 44%, followed by organisations in financial services at 25% and manufacturing and engineering at 24.5%.

The report found that 56.5% of Australian organisations surveyed noted a degree of financial damage associated with breaches, with 17% saying the damage was severe. 

Seventy five percent of respondents said they suffered damage to their corporate reputation. Reputational impact was felt most keenly in the government and local authority sector, with 44% reporting severe damage, just ahead of the utilities sector where 43% suffered severe fallout.

According to the report, defender confidence is on the rise. Participating Australian organisations reported feeling more confident (86%) in their ability to repel cyberattacks than they did 12 months ago, with 43% of respondents said they feel a little more confident and 43% feel a lot more confident.

“As the cyber defence sector continues to mature, organisations are becoming more aware of the tools at their disposal and the tactics they can use to combat cyberattacks," McElroy says.

"We believe this growing confidence is indicative of a power shift in favour of defenders, who are taking a more proactive approach to hunting out and neutralising threats than previously," he explains.

This is underlined by the 93% of Australian organisations surveyed who reported seeing their defence strengthened through threat hunting and 86% who found evidence of malicious cyberattack activity during hunting exercises. 

Recognition of cybersecurity investment benefits is further supported by the fact that 96% of Australian organisations surveyed said they planned to increase cybersecurity budgets in the next 12 months.

The research also highlighted concern about digital transformation, 5G rollout and cyber skills shortages.

Asked about the security around the implementation and management of digital transformation programs and 5G rollout, only 2% of Australian respondents said they had no concerns, while 49% predicted it would offer more effective and destructive methods of cyberattacks.