COVID-19 may be occupying the headlines in 2020 but with widespread lockdowns pushing us to spend more time online than ever, the threat of cybercrime presents a real and present risk.

Australia has long been a target for cyber criminals due to our wealth and wide-spread adoption of technology like online banking. Australia is the sixth most hacked country in the world, according to data compiled by the Centre for Strategic and International Studies.

You would have seen in June Prime Minister Morrison calling out a sophisticated ‘state-based’ actor for malicious cyber activity targeting government and business in Australia, stating that while the activity was not new, the frequency had been increasing this year. This ‘state-based’ actor was widely assumed to be China, particularly when a month later the US Justice Department accused China of sponsoring hackers who are targeting labs developing COVID-19 vaccines.

Large scale cyber-attacks have been launched by sophisticated criminals as well as state actors. As the world races towards a vaccine or treatment for COVID-19, medical research facilities have been targeted and research has been stolen.

It only takes one email to infiltrate even a well-protected institution, as demonstrated by ANU’s open report into the sophisticated cyber-attack that it experienced last year. You can read our article on this report here for more information.

Our Cyber webinar in May was hosted by our partners at AXA XL and guest Clyde & Co. The Webinar explored the cyber risk landscape in 2020 and looked at why COVID-19 is intensifying the cyber threat, as well as highlighting information about the claims process and services available to you.

What resources are available to help you manage cyber risk?

The Mutual provides a variety of resources and guidance to help you manage this risk. We have highlighted some of the key ones below.

SecurityScorecard report

As part of its Cyber Protection Programme, Unimutual and its lead reinsurance partner AXA XL are happy to offer Members a courtesy SecurityScorecard Report.

SecurityScorecard evaluates an organisation’s cyber security using data-driven metrics and produces a report with easy to read ratings across a number of information security dimensions including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security and patching cadence. The Report also benchmarks an organisation against its peers in the same industry and provides a list of ranked actionable issues for the organisation to address if they want to improve their cyber security. The SecurityScorecard Report does not require any input or time from the organisation and relies purely on publicly available information. Requesting a Report does not oblige an organisation to undertake any identified improvements.

If you are interested in learning more about the SecurityScorecard Report, please contact Salinda Saat.

Understanding cyber risks: your cheat sheet for cyber terminology

Understanding the language behind cyber makes it easier for you to stay across what’s going on in the world of cyber security. We published a downloadable cheat sheet which de-mystifies the terminology used when speaking about cyber risks.

If you could use some help understanding your spyware from your trojan virus, then access the cheat sheet here.

Understanding cyber risks: phishing and how to spot it

Unfortunately, these attacks are growing in frequency and severity. In 2019, Australians lost $1,517,864 to these scams, significantly up from the $373,860 lost in 2016.

Phishing is one of the most common kinds of cyberattack, and within that, email is the most common method of executing these scams.

We shared an article about how to identify phishing attacks along with a list of useful resources for more information. Read it here.

Cyber notification and claims protocol

If you are aware of, or suspect, that you have suffered a cyber breach you must take immediate action. A quick response can minimise your exposure to further risks including lawsuits and regulatory inquiries.

AXA and Unimutual must be notified as soon as possible and will guide you through your mitigation response plan and the claims process.

Full information outlining the procedure can be found here.

Cyber protection: webinar

Our Cyber webinar held in May 2020 by AXA XL and Clyde & Co outlined how cyber risks have evolved in the time of COVID-19, and provided an update on current risks and shared further information on the claims process as well as the advantages of using AXA XL’s breach response partners.

You can view the webinar here if you missed it.

Read the answers to your questions from this webinar below:

We encourage you to reach out for a more detailed discussion or any assistance on using these resources.

To subscribe to Emerging Risk Reports or other Unimutual updates, please send your details to service@unimutual.com.au or follow us on LinkedIn for notifications.