Working from home trend risks explosion in cyber attacks, Zimperium warns
Businesses are at risk of widespread cyber attacks as more Aussies working from home leaves many companies vulnerable, a firm backed by Telstra warns.
Businesses are risking an explosion in online attacks as they sacrifice cyber security protocols to cater to growing demands from employees to work from home permanently, a company backed by Telstra’s venture capital arm warns.
New data from Texas-based Zimperium – one of Telstra Ventures’s 80-plus investments – has revealed the locations at greatest risk of cyber attacks across Australia and New Zealand.
It is a crisis that is expected to worsen, with cyber security failure the biggest challenge facing business in the next two years, joining climate change, according to the World Economic Forum.
Already, cyber attacks have soared during the pandemic, rising 13 per cent in the past year, costing Australians $33bn, with the Australian Cyber Security Centre receiving 67,500 cyber crime reports.
Zimperium – which protects the smartphones and other mobile devices of tens of thousands of American troops globally after winning a US Department of Defence contract in late 2020 – said cyber criminals were exploiting a relaxation of online security protocols by companies as scores of their employees work from home.
Zimperium Asia Pacific general manager Akhil Bhutani said attacks were platform agnostic, targeting both Apple and Android devices, with unsecured Wi-Fi networks the greatest point of vulnerability.
“There was a statistic that’s really worrisome that came out last year – 47 per cent of enterprises sacrificed security of their mobile end points in order to enable their employees to be effective working remotely,” Mr Bhutani said.
“So what we are hearing is that almost half of organisations out there have sacrificed the security of their data, their employees’ devices in order to enable mobile device access. They know there is a problem but they are willing to take the risk.”
Phishing attacks – or malicious emails – were the most common form of attack, accounting for 90 per cent. Mr Bhutani said this can either be broad, with spam emails infiltrating inboxes, or targeted at businesses and individuals. App attacks, where criminals exploit poorly protected code in applications downloaded on mobile devices, were also popular.
Mr Bhutani said unsecured Wi-Fi networks, and allowing anyone to access Airdrop on Apple devices, were vulnerable entry points because they allowed attackers to access and monitor people’s information.
“Apple’s done a very good job of installing security controls … they’re making it so that you have to accept an Airdrop, but what it is still doing is broadcasting your user information, your device, your name out to the world and so that could be used for surveillance.
“And situations like that’s where we come in and say, ‘OK, this is where you need to be thinking about your mobile device hygiene, how are you keeping your device clean, how you are keeping it secure’.”
Attacks were spread across Australia’s main population centres, according to the Zimperium data. Similar mapping completed by the company in Japan ahead of the Tokyo Olympics last year found unsecured Wi-Fi around train stations was an entry point for attackers.
The World Economic Forum report, published in partnership with Marsh McLennan, Zurich Insurance Group and SK Group, revealed cyber security failure among the top five challenges facing business, along with extreme weather, climate action failure, infectious diseases and debt crises.
Marsh head of risk management, Asia & Pacific, Scott Leney, said growing digital dependency over the past 20 years has “drastically shifted how businesses function, with Covid-19 accelerating many organisations’ digital transformation strategies”.
“Cybersecurity Failure was nominated as the top global risk by four countries, the UK, Ireland, New Zealand and Australia,” Mr Leney said.
“Cybersecurity threats continue to grow, ransomware attacks in particular continue to increase in frequency, severity and sophistication impacting organisations of all sizes and industries and outpacing our ability to effectively prevent or respond to them.
“Supply chain, as felt so acutely during Covid, and systemic risk now garner more focus from business leaders.”
Mr Leney’s colleague, Carolina Klint, Marsh’s risk management leader for continental Europe, said as companies recover from the pandemic, they are rightly sharpening their focus on organisational resilience and environment, social and governance credentials. But they needed to adopt more sophisticated cyber security defences.
“With cyber threats now growing faster than our ability to eradicate them permanently, it is clear that neither resilience nor governance are possible without credible and sophisticated cyber risk management plans,” Ms Klint said.
“Similarly, organisations need to start understanding their space risks, particularly the risk to satellites on which we have become increasingly reliant, given the rise in geopolitical ambitions and tensions.”
The World Economic Forum report involved surveying more than 12,000 business leaders across 124 economies between May and September last year.
Telstra Ventures has branded cyber attacks a “modern day version of warfare” that is going to require company directors to step into the vanguard to protect health and hospital systems and vulnerable Australians.
The venture capital fund backed by Telstra and US private equity heavyweight HarbourVest has invested more than $US100m ($138.6m) in more than a dozen cybersecurity start-ups to bolster defences for big business as online attacks from criminals and foreign powers increase in volume and scale.
“Somewhere between 60 and 80 per cent of companies fell victim to ransomware in the last year. Little wonder that we’ve seen governments and corporations stepping up to try and take the fight to the criminals,” Telstra Ventures managing director Matthew Koertge said this week.
“However, accessible, usable tools mean that attacks are easier to orchestrate, hence ransomware payments from US banks almost doubling between 2020 and 2021. As the frequency of these attacks increases, so does the power of the financial lure for criminals. This problem won’t go away anytime soon and I think it will get worse in 2022 before it gets better.”