You may have heard about the cyber attack against PEXA and Sargeants Knox Conveyancing that was used to steal $250,000. This money was planned for the purchase of a home for the family of MasterChef finalist Dani Venn, her husband Chris Burgess and their children. Considering conveyancers deal with such large amounts of transfers but are typically a small to medium size company, many struggle to have the necessary cyber security to protect themselves from such attacks.
This is why Legal businesses and Conveyancers are being targeted by Cyber Attackers (Hackers). The example with Sargeants Knox Conveyancing involved a simple attack against their email account and leveraged this to steal the money through PEXA. It is unclear the exact approach used but most likely it was one of two:
- An email was sent by a Cyber Attacker to a fake website to steal username and password credentials
- An email was sent by a Cyber Attacker with a malicious file that installed malware allowing them to steal the username and password.
The first protection that would help in the above scenarios is multi-factor authentication. Secure email providers such as Gmail provide many multi-factor authentication options. Using a secure multi-factor authentication is like using a second password in a different form. This has the effect of making either password useless without both. Some example of multi-factor authentication could be an eye scan, fingerprint scan, SMS token, verification phone call, usb key, encryption key. Now, not all of these are “secure” forms of multi-factor authentication, but the discussion on a secure multi-factor authentication is longer than this post.
The second protection that would help in the above scenarios is Application Whitelisting. Application Whitelisting is the number one cyber security protection recommended by the NSA and the ASD. This is above all other security protections including AntiVirus. This is based on experience by the NSA and ASD having to deal with real world cyber attacks. If you are looking for cloud based Application Whitelisting we recommend looking at ShellProtect.
One other party involved was the PEXA system, as it was used to direct the transfer of money. PEXA currently doesn’t support multi-factor authentication, making PEXA an easy target for these attacks. PEXA says it has accelerated plans to roll out multi-factor authentication to protect access to its platform.
The sooner both sides implement these appropriate security measures, the sooner it will make these types of attacks alot harder.
On a side note this also highlights a breach of data, and under the Australian Privacy Act (Mandatory Breach Notification) would potentially require:
- Notify the Office of the Australian Information Commissioner (OAIC) of an eligible data breach.
- Notify impacted people directly and satisfy breach notification
- Get legal advice from Australian Privacy Act experts on the situation (We are not lawyers)
- Contact the Commissioner for an extension or exception
- Get our help investigating the Cyber Security Incident
