Australia's culture of trust is leaving the country vulnerable: Kaspersky Lab

Kaspersky Lab general manager ANZ Peter Brady said it is the laid back, naive culture Australia has that is resulting in such alarming statistics when it comes to mobile banker Trojan penetration.
Written by Asha Barbaschow, Contributor

When it comes to mobile banker Trojans, Australia has one of the highest rates of penetration -- or attempted penetration -- and according to Kaspersky Lab, it experiences 1.42 percent of all infections recorded globally, second only to Russia.

This high level of mobile banker Trojans mostly arrived in 2016 in the form of Trojan-Banker.AndroidOS.Acecard and TrojanBanker.AndroidOS.Marcher families, Kaspersky Lab said.


Geography of mobile banking threats (number of users attacked)

Image: Supplied

According to Noushin Shabab, senior security researcher, Global Research & Analysis Team (GReAT) at Kaspersky Lab ANZ, the infections do not come purely via mobile banker trojans, as Australia also records one of the highest global rates of online banking threats in general.

"We are in a very dangerous situation," Shabab said.

As cybercriminal activities tend to start with demographic and budget, Kaspersky Lab said first-world countries are targeted more, as a stronger economy is usually coupled with more advanced technologies and bigger budgets, especially in an industry like banking.

Speaking with journalists in Sydney on Thursday, Kaspersky Lab general manager ANZ Peter Brady said it is Australia's laid back, naive culture that is resulting in such alarming statistics when it comes to online banking.

"We're just so naive that we trust everybody here in Australia," he explained.

"If our big four banks come out and say: 'We've got this new system for online banking that's safe as houses', we believe them."

Although internet banking use is quite high in Australia, according to Brady the country is still about five years behind the United States, which has caught up with the cybersecurity landscape and understands more the necessity to protect themselves and their organisations.

He said that given Australia's geographic isolation, a lot of people may think that the country is immune to cyber threats.

"We must remember that cybercriminals are more sophisticated on how they choose to attack us. It is without a doubt that cybercriminal activity will get more creative and only continue to reach out to the most obscure avenues into our day-to-day activities," he said.

Organisations realising they should have taken precaution only when it is too late is a common theme down under, Brady said.

"One thing with Aussies is that we want everything for nothing," Brady said, adding that often organisations and individuals will use a free product without realising they are not getting the full benefit of the product or its latest update.

"Very naive and we want everything for nothing. When we talk to businesses about products for them, they always knock us down with price, they always want discounts."

Brady said that organisations in Australia are becoming more aware of how big an issue cybersecurity defence is, however, in particular the extent to which ransomware exists.

On August 9, the Australian Bureau of Statistics experienced a series of denial-of-service (DDoS) attacks, suffered a hardware router failure, and baulked at a false positive report of data being exfiltrated, which resulted in the Census website being shut down and citizens unable to complete their online submissions.

It was after the Census fiasco that Kaspersky Lab started to receive a sizeable amount of curiosity from Australian organisations concerned about their own safety.

Last year, the National Australia Bank sent the details of approximately 60,000 customers to an email address on a global domain rather than its .au address.

The email contained each customer's name, address, email address, branch and account number, as well as an NAB identification number for some customers.

Although she accepts it was an accident, to Shabab, the customer information should never have left the hands of someone without first being encrypted.

Banks can only do so much, however, and Brady suggested that as best practice, individuals run an internet security product, constantly update, be very careful with whom they're transacting with, and avoid logging in to internet banking over public, unsecured networks.

A study by RMIT University found that around 2 million Australians are often risking data breaches by logging into internet banking and conducting other financial transactions on unsecured public Wi-Fi networks.

Alarmingly, more than a quarter of the 1,200 respondents said they had conducted financial transactions such as internet banking and credit card and PayPal payments on public Wi-Fi networks in the previous three months.

Shabab said another problem in Australia is that people keep paying ransom, which encourages the development of more ransomware techniques

Findings from Kaspersky Lab Consumer Security Risks Survey 2016 [PDF] found that over a third of victims chose to pay a ransom. One in five users, however, failed to get their files back after paying a ransom.

As a result, Shabab said it is best to not to give in to ransomware demands, but to report crimes to the authorities.

"We urge all ransomware victims, whether they are large organisations or single individuals, not to pay the ransom demanded by criminals. You only continue to support cyber criminals by paying," Shabab said. "As our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data so stay fearless and don't pay the ransom."

Kaspersky Lab, in conjunction with the Dutch National Police, Europol, and Intel Security, launched the No More Ransom initiative in July last year to provide keys to unlocking encrypted files, as well as information on how to avoid getting infected in the first place.

During its first two months, No More Ransom helped 2,500 people rescue their data, depriving cybercriminals of more than 1.35 million euros in ransom.

In December, 30 new partners joined the scheme, including Bitdefender, Check Point, Emsisoft, and Trend Micro.

Shabab is Kaspersky Lab's first Australian R&D-focused appointment and is a member of the GReAT team that leads Kaspersky Lab's anti-malware research and innovation.

Editorial standards