Getting to know your attack vector threats and how to mitigate them. Cybercriminals use attack vectors to access networks by targeting infrastructure (network, hardware, cloud), applications and team members.
“Conveyancers should be reminded that preventing a ransomware attack is far easier and cheaper than recovering from one,” said triSearch chief executive Chris Gibbs.
“An effective way to prevent, for example, a ransomware attack is for conveyancers to understand these attack vectors (below) and be proactive in providing stronger cybersecurity measures.”
Identity Fraud
Identity fraud is the ability for cybercriminals to hijack someone’s identity by combining fraudulently obtained personal information with generally available information on professional and social media platforms.
Advancements in AI technology now allow cybercriminals to impersonate consumers’ voices and faces to bypass many of the common two-factor authentication (2FA) verification controls.
They can then use available information and AI to generate new synthetic profiles with documents, facial images, and voice cloning to apply for loans and claim social benefits.
Not only does this create additional challenges for conveyancers to authenticate their customers, but it can also pose serious financial and personal risks for individuals.
Tip
The Australian Federal Police explain everything you need to know about Identity Crime and how to prevent it. Click here.
Phishing Emails
Every day 3.4 billion phishing emails are sent by cybercriminals worldwide.
In a phishing attack, a cybercriminal will send malware or malicious links in a phishing email.
With the “look and feel” of phishing emails continually improving to appear like a trusted contact or company, a user may unknowingly click on a link contained in the email.
This simple click can set off a chain of events by installing a ransomware program on the computer.
Not only do phishing attacks cause havoc via ransomware, but the pay-load can be even more malicious as the cybercriminal may extort a firm by locking down infrastructure until a ransom is paid.
Tip
The ACSC explains phishing attacks and what to do if you’ve been exposed here.
Remote Desktop Protocol (RDP)
RDP is an access portal that allows a user or administrator to connect to your computer from another location. RDP is a feature built into the Windows operating system that helps businesses manage their IT network and fix any issues that might arise on an employee’s computer.
If a firm’s RDP setting is configured improperly, a cybercriminal can launch a ransomware attack on its business networks.
RDP attacks pose a significant risk to not only conveyancers, as they are common amongst businesses of all sizes. Both large and small organisations, including law firms are impacted due to open RDP ports.
Also, companies with team members working remotely and who require access to their firm’s infrastructure are especially vulnerable.
Tip
Click here for the ACSCs guidance on security risks associated with the use of RDP.
Fraud-as-a-service (FAAS)
Fraud-as-a-service is commonly seen when cybercriminals impersonate supply services to carry out fraudulent activity.
Cybercriminals are turning to automated voice bots for impersonating businesses and socially engineering customers either over the phone, or via email.
Cybercriminals can copy a business’s email signature and bank details, changing only one or two numbers in the accounts, to have your clients transfer funds to their own account, instead of the intended recipient.
Tip 1
A common prevention method is to never exchange details through unsecured communication tools and have all settlement and payment options secured with billing and accounting software.
Tip 2
Educate each client that your business will never ask for fund transfer details to be sent in emails, and to double check and verbally confirm any fund transfers with other businesses and clients throughout the property purchase or sale.
Ransomware Attacks
Ransomware is a serious issue that all businesses need to consider but few are willing to discuss due to the significant impact a ransomware attack can have on a businesses brand and reputation.
Rates of cyberextortion and ransomware have risen exponentially in Australia over the past 36 months. The federal government has recently introduced a bill mandating reporting of attacks by ransomware requiring businesses with turnover above $10 million per year to disclose a ransomware attack and whether they paid a ransom (and how much).
The challenge for the conveyancing industry is the $10 million threshold would exclude more than 90 per cent of Australian conveyancers.
Ransomware attacks will continue to go unreported and unseen.
Warning
Cybercriminals are increasingly using supply chain and software platform attacks. These cause harm across Australia’s economy but may well only affect smaller businesses.
In 2022, many Australian businesses, including conveyancers, were downstream victims of ransomware attacks.
Tip
The Australian Cyber Security Centre offers guidelines on how to protect yourself and your business from ransomware attacks here.
Exploit Kits
One of the more dangerous ways ransomware can access a conveyancing firm’s network is through malicious vulnerabilities written into an exploit kit.
An exploit kit is an advanced malware tool that helps cybercriminals target victims through existing security gaps from well-known software and hardware in popular technology manufacturers.
Cybercriminals publish exploit kits that are developed on the weaknesses and security holes of popular platforms such as Adobe Java, Adobe Flash, and Microsoft Silverlight.
They are a collection of malware and malicious code in an “all-in-one” platform that helps hackers carry out sophisticated cyberattacks.
History
Some of the largest cyberattacks in history, such as WannaCry, infected millions of Windows computers with ransomware. The ransomware used a stolen National Security Agency (NSA) exploit called EternalBlue that allowed cyberattackers to take advantage of a vulnerability in the Windows operating system.
Microsoft eventually released a security update that closed the vulnerability but not before millions of computers and hundreds of thousands of firms had been impacted.
For more insights and tips on cyber awareness, download edition two of the Australian Conveyancer.
