ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

Supply chain attacks, ransomware leads to loss of trust in IT vendors

By Catherine Knowles
Thu 9 Dec 2021

Increasing supply chain attacks, ransomware extortion demands and slower detection speeds are reducing trust in legacy IT vendors, according to CrowdStrike’s 2021 Global Security Attitude Survey, conducted by independent research firm Vanson Bourne.

Recent attacks such as Sunburst and Kaseya have once again brought supply chain attacks to the fore and the survey results echoed this with almost half (49%) of Australian organisations experiencing a software supply chain attack within the last 12 months.

This is having a significant impact with 55% of Australian organisations reportedly losing trust in a key supplier due to security concerns in the past 12 months.

In fact, 75% of Australian organisations were specifically losing trust in legacy IT vendors, such as Microsoft - more than any other country surveyed.

Yet many Australian organisations still aren’t doing enough to protect themselves, just 44% have actively vetted suppliers in that same period.

Globally, respondents estimate it would take 146 hours (c. 6 days) to detect a cybersecurity incident, up from 117 hours in 2020.

Once detected, it takes organisations 11 hours to triage, investigate and understand a security incident, and 16 hours to contain and remediate one.

Australian organisations are tracking above average, 46% estimate they would be able to detect a cyber incident within a day, and 36% within an hour. However, 16% state that it would likely take their organisation more than a day to detect an attack.

CrowdStrike chief technology officer Michael Sentonas says, “The survey presents an alarming picture of the modern threat landscape, demonstrating that adversaries continue to exploit organisations around the world and circumvent outdated technologies.

"Today's threat environment is costing businesses around the world millions of dollars and causing additional fallout. The evolving remote workplace is surely accentuating challenges for businesses as legacy software like Microsoft struggles to keep up in today’s accelerated digital world."

CrowdStrike encourages organisations to strive to meet the 1-10-60 rule - where security teams demonstrate the ability to detect threats within the first minute of an intrusion, investigate and understand the threat within 10 minutes, and contain and eradicate the threat within 60 minutes - given that, local organisations still have a way to go.

This response time is particularly alarming in our remote-first world. Indeed, 80% of Australian respondents who have experienced a cybersecurity incident cited remote working as the direct cause in 2021, the researchers state.

The survey indicates that ransomware attacks are continuing to prove effective, with average ransomware payments made by Australian organisations in 2021 US$1.53 million (AUD$2.15 million).

In Australia, 67% of organisations reported suffering a ransomware attack in the past 12 months, while 79% say they would consider paying a ransom to recover encrypted data in the event of a software supply chain attack, the highest figure in APJ.

Alarmingly, 93% of Australian organisations who paid a ransom in the last 12 months have also been victims of re-extortion fees.

In the 2021 Threat Hunting Report, CrowdStrike’s Falcon OverWatch reported that eCrime threat actors are able to move laterally across an organisation’s network in an average of 92 minutes.

This paints a sharp contrast between the capabilities of today’s swift attackers and defenders who are increasingly slowed down by high volumes of alerts and tools that lack integrated workflows.

Sentonas adds, “This presents a clear clarion call that businesses need to change the way they operate and evaluate more stringently the suppliers they work with.

"The threat landscape continues to evolve at a frightening pace and it’s obvious that modern organisations need a cloud-native, holistic end-to-end platform approach to tackle and remediate threats in a swift manner.”

Related stories
Top stories
Story image
Artificial Intelligence
Siemens expands NVIDIA partnership for industrial metaverse
Siemens is expanding its partnership with NVIDIA to enable the industrial metaverse and increase the use of AI-driven digital twin technology.
Story image
Amazon
What brands can expect from Amazon Prime Day in Australia
Amazon Prime Day is the annual two-day shopping event, kicking off this year from July 12-13 and is the global online shopping platform's biggest sales event. 
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Gaming
Sony releases a new gaming gear brand for PC gamers
Sony has unveiled INZONETM, a new gaming gear brand for PC gamers that makes gaming more immersive and offers greater gaming ability.
Story image
Artificial Intelligence
Eight top DevSecOps trends to support IT innovation in 2022
The use of DevSecOps practices is growing, as it is increasingly seen as the best way to produce high-quality and secure code. So what are the current trends?
Story image
Cyber Criminal
Identity and access: the fight is on
Blue team defenders are used to protecting our data, applications, and users with access controls and other security mechanisms, which is why attacks like this are especially challenging when they target identity and access control systems.
Story image
Oracle Cloud
Commvault, Oracle to deliver Metallic Data Management as a Service
"We are excited to partner with Commvault and enable our customers to restore and recover their most mission-critical cloud data."
Story image
Macquarie Data Centres
Macquarie deal to pioneer CO2-cutting data centre tech in Australia
Macquarie Data Centres has signed a multi-year deal with ResetData, an Australian first provider using Submer data centre technology. 
Story image
Online shopping
Consumers want speed, visibility in return for brand loyalty
72% of Australian shoppers want complete online order visibility and 63% are loyal to retailers who deliver goods the fastest.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Ransomware
Secureworks reveals new information on BRONZE STARLIGHT threat group
New research from Secureworks has uncovered new information on the Chinese threat group BRONZE STARLIGHT and how they are using targeted ransomware to initiate complicated attacks.
Story image
MSP
Video: 10 Minute IT Jams - An update from CyberArk
Olly Stimpson joins us today to discuss the importance of MSP programmes and how MSP partners are experiencing success with CyberArk.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
SOTI
Australian consumers loyal to retailers who deliver speed and visibility
SOTI finds extensive order visibility and speed are the most important factors for turning one-off customers into loyal, long-term buyers.
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Design
Hands-on review: Phillips Hue starter kit
The set-up was one of the simplest I have ever had to do. It is also where the products shine. I was able to connect the bridge, the three lightbulbs and the strip within 10 min.
Story image
State Library of Victoria
State Library of Victoria entrusts Oracle support and security to Rimini Street
“Our finance team are very happy with the support and security that Rimini Street provides, which keeps our assets and our customers secure."
Story image
Digital Fingerprint
Decline in counterfeit cherries after digital fingerprinting
Reid Fruits says there’s been a dramatic decline in counterfeit products for its cherries over the past three export seasons to Asia because of digital fingerprinting.
Story image
Hybrid Cloud
Advent One acquires Layer 8 Networks, complements hybrid cloud offering
The acquisition comes at a time of surging demand in hybrid cloud, network virtualisation and network security.
Story image
Review
Hands-on review – CleanMyMac X utility for macOS
We get hands-on with a useful utility that macOS users never thought they needed but probably do.
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Cloudian
Cloudian, Vertica to deliver on-premise data warehouse platform
"We’re enabling our customers to capitalise on a leading object storage platform and maximise the value of their digital assets.”
Story image
Low-code
Appian unveils low-code certification program in Australia
Appian has announced a program to provide the next generation of low-code developers with access to education on the subject and certification to foster career opportunities.
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
WatchGuard Technologies
Ransomware volume doubled 2021 total by end of Q1 2022
Ransomware detections in the first quarter of this year doubled the total volume reported for 2021, according to a new report. 
Story image
Human Resources / HR
Honeywell launch third RAP in support of Reconciliation Australia
"RAPs provide a framework to leverage their structures and diverse spheres of influence to support the national reconciliation movement."
Story image
Supply chain
Supply chains continue to be disrupted, enterprises embrace circular economy
“Businesses urgently need to find a solution that can help them to manage this disruption, and transition to a circular economy."
Story image
Aspire
NEC expands Open RAN ecosystem with Aspire Tech acquisition
With its agreement to acquire Aspire Technology, NEC Corporation has further increased its capacity to deliver End-to-End Open RAN ecosystems.
Story image
Civil Defence
OutSystems platform chosen as part of ADF contract
"To be included in this project is a reflection of our ability to deliver secure, modern digital outcomes for defence at an incredible pace."
Story image
Awards
Microsoft names A/NZ Partner of the Year award winners
The awards recognise partners across the globe for their innovative use of Microsoft technologies to help customers succeed.
Story image
Microsoft
SAS wins Microsoft ISV 2022 Partner of the Year award
"We formed the SAS and Microsoft strategic partnership with a shared goal of making it easier for customers to drive better decisions in the cloud."
Story image
Dicker Data
EXCLUSIVE: Why women in IT makes good business sense - Dicker Data
The Federal government wants to bolster female participation in the tech industry to at least 40% by 2030. Here's how one homegrown Australian company has already reached that goal.
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Ransomware
Businesses unprepared to defend against ransomware attacks
Ransomware attacks continue to impact organisations worldwide with high costs, but businesses are still largely unprepared.
Story image
Cybersecurity
FIDO Alliance releases guidelines for optimising UX with FIDO Security Keys
The new guidelines aim to accelerate multi-factor authentication deployment and adoption with FIDO security keys.
Story image
Citrix
The best ways to attract young talent during labour shortages
New research from Citrix reveals hybrid working and ventures into the metaverse are top of mind for Gen Z workers.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
Hybrid Cloud
HPE GreenLake advances hybrid cloud experience with new services
"The innovations unveiled today further build on our vision to provide the market with an unmatched platform to spur innovation and drive transformation.”
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Hybrid workforce
Why hybrid working is here to stay and how to ace it
Citrix's new report reveals hybrid workers are more productive and engaged at work than their office and completely remote counterparts.