Super industry under attack from cybercrooks

The $2.2 trillion Australian superannuation industry is coming under attack from cybercriminals who are attracted to the high potential gains.

According to Palo Alto Networks, the sheer size of the market, the tendency of people to neglect their superannuation, and technology advancements making it easier to commit identity theft are all factors behind the strong interest among cybercriminals in super funds.

Because superannuation transactions are now conducted digitally, rather than face to face, identity theft has become easier. Cybercriminals are exploiting a range of techniques, including phishing, to steal victims’ identities before transferring their super into self-managed accounts or applying for hardship payments.

Unlike banks, super funds have no obligation to reimburse victims of fraud, and if the fraud takes place overseas there is very little chance of recovering stolen money, Palo Alto said.

Cybercriminals are also increasingly targeting the industry with malware, with the number of new threats discovered growing to 350,000 per month in 2017, up from just 300 per month a decade ago.

“Because superannuation funds are such valuable targets, cybercriminals are unlikely to turn their attention elsewhere anytime soon. Therefore, it’s imperative for superannuation providers to review their security measures in minute detail, seeking out every potential vulnerability and finding a way to close the gaps before cybercriminals exploit them,” Palo Alto Regional CSO for APAC Sean Duca said.

“A solid security strategy should go beyond antivirus and intrusion detection systems. It’s a combination of people, process and technology. These three elements help to cover off the basic digital hygiene aspects, conduct regular assessments to identify gaps in an organisation, whilst at the same time ensuring the security of data.”

Image courtesy of Ben Tsai under CC