Zimperium says Australians at higher risk of cyber attacks as malware soars on Russia’s Ukraine invasion
An explosion in state-sponsored cyber attacks has insurers on edge as Zimperium warns working from home makes businesses more vulnerable.
Australians are more than twice as likely to fall victim to mobile phone scams than the Rest of World, a report from the company that protects the devices of US troops, as Russia’s invasion of Ukraine also unleashes a cyber war.
Texas-headquartered Zimperium, which counts Telstra Ventures as an investor, has detected more than 2 million new mobile malware samples, equating to an average of 35,000 new strains a week, according to its latest global mobile threat report.
It comes as Fitch Ratings says cyber attacks on business and government agencies have surged following Russia’s invasion of Ukraine, warning the risk of spillover cyberattacks against non-primary targets are becoming much more widespread.
This has prompted a range of insurers to clarify policies, which generally exclude “acts of war” and put pressure on premiums.
Zimperium’s report found that 25 per cent of mobile phone users in the Asia Pacific region encountered malicious websites in the past year. This compares with the global average of 12 per cent.
Phishing was the No. 1 threat across Australia’s 21.6 million smart phones – which are split 55.1 per cent Android and 44.6 per cent Apple’s iOS.
It is a crisis that is expected to worsen, with cyber security failure the biggest challenge facing business in the next two years, joining climate change, according to the World Economic Forum.
Fitch said Russia’s invasion of Ukraine “amplifies the broader trend of increased volume, size and sophistication of attacks, with corresponding significant financial, reputational and legal risks to issuers”.
“Cyber insurance is a key risk management tool. However, increased scrutiny regarding “acts of war” exclusions in policies has led insurers to clarify cyber policy language and address ”silent cyber” issues by adopting wording that specifically excludes or affirms coverage of cyber events,” Fitch said.
“Insurers have also incorporated coverage sublimits for cyber insurance, increased premiums, and/or required stronger cyber hygiene for the insured.”
Already, cyber attacks have jumped 13 per cent in the past year, costing Australians $33bn, with the Australian Cyber Security Centre receiving 67,500 cyber crime reports, as criminals take advantage of the Covid-19 pandemic, preying on vulnerable people desperate for information.
Zimperium, which protects the smart phones and other mobile devices of tens of thousands of American troops globally after winning a US Department of Defence contract in late 2020 – said cyber criminals infiltrated devices via common communication tools like SMS messaging, social media and other chat programs.
They also infected mobile phones via in-app messaging, bypassing Google and Apple store controls. Zimperium also warned companies that businesses are at greater risk of online attacks as they sacrifice cyber security protocols to cater to growing demands from employees to work home permanently.
Zimperium chief executive Shridhar Mittal said many cybersecurity systems have failed to keep pace with modern hi-speed internet and mobile networks.
“Distributed and hybrid workforces, ever-connected devices, high speed 5G connectivity, and increased critical data access from remote locations have spread enterprises worldwide,” said Mr Mittal said. t
“This level of mobile connectivity will remain the expectation for workers, customers, and enterprises for decades to come, but today’s cybersecurity was not built to support these environments – and attackers know it. Organisations need to come to terms with how to effectively secure this new reality, and this research will provide critical visibility and insights to help get there.”
Fitch acknowledged that government agencies globally have highlighted increased cyber risk amid the deepening crisis and it was “closely monitoring” the response across various jurisdictions.
“Earlier this year, the US Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the National Security Agency issued a joint advisory, warning critical infrastructure entities of increased risk of Russian state-sponsored attacks.
“In the past month, the UK’s National Cyber Security Centre and Financial Conduct Authority warned large organisations to bolster their cyber defences and the European Central Bank asked banks to strengthen their cyber hygiene measures. The Australian Cyber Security Centre has also encouraged organisations to urgently adopt an enhanced cybersecurity position. This is a fluid situation that Fitch is closely monitoring.”
‘No answers yet’ for Trump’s looming China trade war
Belkin boss Steve Malony has ‘a lot of questions’ about what Donald Trump’s plan to impose tariffs on foreign tech hardware will mean for supply chains and manufacturing in the US.
‘Dark MAGA’ rising: Trump victory a golden age for Elon Musk
Elon Musk said he voted for Joe Biden in 2020. But his discontentment with the state of US politics has been brewing for years, as Donald Trump brands him a ‘super genius’ who ‘we have to protect’.