Australian companies are increasingly under the threat of cybercrime, according to data from a new survey conducted by global consultant PwC.
The annual report examines economic crime affecting businesses across the globe and breaks out data in local reports per region.
The latest Global Economic Crime and Fraud Survey revealed that more than half of Australian companies surveyed were victims of economic crime in the past two years. One in three respondents reported losing more than $1 million.
The report divided economic threats to companies into two categories: external and internal, with crimes committed by external parties constituting 64 percent of attacks, and 36 percent of attacks being committed by internal actors.
Of the external threats to a company, cybercrime dominated, with 43 percent of respondent organisations revealing they had suffered a cyber attack.
“However, the number is probably much higher; we see at least one new attack every fortnight. And it’s likely only to get worse. Both in Australia and globally, firms expect cyber be the most disruptive economic crime over the next two years, and CEOs say it’s the number one threat to their organisation’s growth prospects,” the report stated.
In Australia, PWC reported the most common types of cyberattacks were phishing, involved in 48 percent of attacks, malware (39 percent) network scanning (24 percent) brute force attack (15 percent) and ‘man in the middle’ (10 percent).
Cyber posed such a large threat because cybercriminals were becoming as ‘savvy’ and professional in their operation as the organisations they targeted, according to the consultancy.
“On top of this, cyber thrives on the same kinds of technologies that organisations are using to drive growth. For example, while the adoption of cloud computing and the Internet of Things can lead to improved efficiencies and innovations, they also increase the number of ‘attack surfaces’ for cybercriminals to target,” the report noted.
Despite the alarming figures reported, the PwC survey noted that 48 percent of Australian organisations had not completed a cyber vulnerability assessment, while 36 percent did not have a cybersec plan in operation.
Among internal economic crime employees constituted the biggest amongst the group, at 29 percent, followed by customers (18 percent) and agents (5 percent), while suppliers and consultants were equally represented at 4 percent.
Crime committed by internal players has also been bolstered by the advent of technology, with the report suggesting that one of the biggest drivers in crimes committed by frenemies was the increasing availability of technologies facilitating fraud, such as photo editing and manipulation applications to create fraudulent documents, IDs, credit card application and insurance claims.
The consultancy suggested businesses complete a cybersecurity risk assessment, develop a cyber response plan, know the people who work in the organisation and define and communicate economic crime across the business, among other recommendations.
PwC's 2018 Global Economic Crime and Fraud Survey drew on data from 158 respondents across Australia, and 7200 respondents globally across 123 territories.