Next Investors logo grey

Cybercrime: an escalating risk


Published 08-FEB-2019 16:24 P.M.


4 minute read

Hey! Looks like you have stumbled on the section of our website where we have archived articles from our old business model.

In 2019 the original founding team returned to run Next Investors, we changed our business model to only write about stocks we carefully research and are invested in for the long term.

The below articles were written under our previous business model. We have kept these articles online here for your reference.

Our new mission is to build a high performing ASX micro cap investment portfolio and share our research, analysis and investment strategy with our readers.

Click Here to View Latest Articles

There was no shortage of headline making news coming out of the Banking Royal Commission this week. And with the industry’s shonky behaviour dominating the headlines, it was easy to miss some other alarming news from the country’s biggest wealth manager, AMP.

Like the Royal Commission, this news is much further reaching than just being contained to AMP. Or even to the financial sector as a whole...

In news that exposes the vulnerabilities of even our largest financial institutions, and reminds us that that banks can be victims too, AMP was hit by a serious data theft attempt.

Chinese national AMP contractor, Yi Zheng, downloaded 20 identity documents such as driver's licences and passport photos belonging to 23 different customers then attempted to flee the country.

NSW Police found mobile phones, SIM cards, a laptop and numerous electronic storage devices. The financial crimes squad is examining the devices with the investigation, under Strike Force Paunelle – which was set up to investigate identity theft and related crimes.

Cybercrime squad commander, Detective Superintendent Matt Craft commented, “Identity information is an extremely valuable commodity on the black market and dark web, and anyone – whether an individual or business – who stores this data needs to ensure it is protected”.

While the thief was eventually apprehended as he tried to board a flight to China, his ability to swipe critical customer data is yet another example that drags cyber risks back into the spotlight.

Cybercrime is a real and growing threat to not only major financial institutions, but to public utilities, hospitals, and government entities too.

New figures out of the Office of the Information Commissioner (OAIC,) showed the number of data breaches suffered by Australian companies jumped 7% in the December quarter to bring the total number of data breaches to more than 800 for the full year.

The health sector held top spot as the industry most affected by data breaches, followed by financial services, then legal, accounting and management services. And for the first time, the mining and manufacturing sectors made an appearance in the report.

The bulk of the breaches were malicious in intent with the largest affecting between one and 10 million people, while another breach compromised the data of up to 500,000 people.

Austal, a major shipbuilder for both Australia and the US Navy, was hit by a cybersecurity data breach and extortion attempt last year.

The company’s Australian data management system was targeted with ship design drawings stolen and staff details including addresses, and mobile telephone numbers were compromised. The offender is believed to have then offered this information for sale on the internet and engaged in extortion.

The departments of Defence and Home Affairs issued a joint statement with the Australian Cyber Security Centre, saying “this incident reinforces the serious nature of the cyber security threat faced by defence industry, and the need for industry partners to put in place, and maintain, strong cyber defences”.

When cyberattacks do make the headlines, they tend to focus on these major breaches and well known organisations. Yet, more often than not it’s small to medium sized enterprises (SMEs) that are ill-prepared for cyberattacks.

In the US, cyber threats are even more costly, with the average cybercrime or fraud event starting at $35,000 and ranging to over a $1 million for SMEs alone. These risks, which are continually growing and evolving mean it’s imperative to have adequate cybersecurity in place.

WhiteHawk (ASX:WHK) is becoming recognised as the first stop for SMEs in combating these risks.

WHK has developed the first online self-service, cybersecurity exchange, simplifying how companies and organisations implement cybersecurity solutions. These solutions directly mitigate a business’ key cyber risks and assists US companies connect to content, solutions, and service providers.

The company has three diversified streams to generate revenue:

  • Sales of its 360 Cyber Risk Frameworks and Risk Scorecards to large corporations and government organisations.
  • Executive cyber risk consulting services to large government and industry enterprises.
  • Sales of cyber products and services via the online Exchange, referrals or 360 Cyber Risk Framework Vendors.

While still a $6.5 million capped junior, WhiteHawk has significant growth potential.

The cybersecurity solution provider is gaining momentum with the signing of a Cyber Risk Framework Contract with a US top 12 Defense Industrial Base company; consecutive US government contracts, including executive cyber risk management consulting services for US Federal Department of Homeland Security; vendor risk management with a top 10 US financial institution for 50 companies; and private utilities contracts.

WHK also offers ongoing online cyber risk services to small and midsized entities via online its platform.

General Information Only

S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.

Conflicts of Interest Notice

S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.

Publication Notice and Disclaimer

The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.

Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.

This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.