Amid the ongoing surge of hacks in the crypto industry, Joe Longo, Chair of the Australian Securities and Exchange Commission (ASIC), issued a cyber security warning. Longo emphasized that all firms must prioritize cyber security and cyber resilience.
“Organisations must take an active approach to evaluating and managing third-party cyber risk,” Longo stated.
ASIC Alerts To Cybersecurity Risks From Complacent Firms
In a recent statement, Longo issued a warning about the growing trend of businesses relying on third parties for software and critical data services.
Longo considers this approach, without ongoing review, “a serious weakness.”
Longo cited recent ASIC survey results indicating that almost half of businesses in Australia do not conduct adequate due diligence when dealing with third-parties for cyber security risks.
“Nearly one in two (44%) of respondents indicated that they did not manage third-party or supply chain risk, and more than half have limited or no capability to protect confidential information adequately.”
Longo believes there are three main points for firms to protect themselves against vulnerabilities: “Never set and forget, plan for and test for attacks, You can’t protect what you aren’t aware of.”
Longo emphasizes the importance of companies avoiding complacency, even when they believe they have implemented some protection against cyberattacks.
“This is the belief that you’ve done everything you need to do, and you don’t need to worry anymore.”
Crypto Industry Faces Surging Hacks
The crypto industry has witnessed a substantial number of hacks, leading to substantial financial losses.
On August 1, BeInCrypto reported that there were more than 48 major crypto hacks in July. This led to approximately $165 million in losses.
PeckShield, a blockchain security firm, provided data indicating that 95% of the total stolen funds in July, amounting to $156 million, were attributed to the top five hacks. July marked the second-highest month for crypto theft, following March, when over $200 million was illicitly acquired.
In the first quarter of 2023, Beosin, a blockchain security firm, reported 61 attacks and 41 rug pulls in the Web3 space.