Cybercrime: The Silent Threat To Your Business
The Australian Cyber Security Centre (ACSC) receives approximately 144 reports of cybercrime a day, that’s one report every 10 minutes. The ACSC Small Business Cyber Security Survey, that took place in 2019, found that although 62% of respondents had experienced a cyber security incident. Almost half of small to medium businesses (SMBs) reported they spent less than $500 on cyber security per year.
Many of our clients ask us about the importance of cyber security and whether it’s worth engaging a third party to help at the commencement of a new business, engaging a provider to audit an established business, or to ask a professional to monitor the security of the business full time.
Before we unpack the extent of the real threat to Australian businesses and what we can do about it, what is cybercrime?
Cybercrime constitutes theft of data, damage to computer systems or attempts to compromise personal identifying information using specific tools, hardware, software and artificial intelligence.
What are some of the common threats to business?
Some of the common threats include trojans and viruses infecting your desktop computers which can then spread into servers and cloud-based systems. This is alongside social engineering, identity theft, email and phishing scams.
Ransomware is one of the most readily encountered problems and it is where the virus will infect the computer or server and encrypt the data therein. A third party will then ask for a ’ransom’, perhaps in the form of bitcoin or similar, to enable you to recover your data. The data transfer may or may not eventuate.
On a personal level people often fall victim to social engineering, where someone from a call centre will call and ask for your personal information, for example your first name, last name, date of birth and address. A considerable amount of damage can be done with just that information, hacking into bank accounts, superannuation or any online services platform.
Phishing emails are another way in which details can be obtained. Often clients will ask if emails purporting to be from the ATO are actually from the official source. Links from phishing emails will impersonate a login page and steal your username and password.
Education is the first line of prevention
It’s advisable for staff to be able to recognise a phishing email, understand what ransomware is and how to identify unusual emails, that is identify the sender, work out if it’s legitimate source and match any links with the intended domain name.
It’s vital at a business level to have some sort of security in place before those emails reach your inbox. Technology is the second level of defence, that is, having a healthy security framework. Chris Angrakian from Managed Services Australia recommends the three layer framework:
‘Firstly, we look at cloud email security because most threats arrive via email. If spam emails attempt delivery, they immediately go into quarantine and we review them. If we think they are safe we will release them to our clients.
‘Then you’ve got your network security. To prevent hackers from hacking into your servers remotely or even locally on site, it’s important to have a good firewall. Securing your network will help protect your VoIP phone system, any NAS drives and other critical storage as well as other company devices.
‘The third layer is having healthy anti-virus software on your desktop itself. Nowadays products have evolved to where they are using artificial intelligence for cyber threat detection and there are some great products out there. For example, the moment a threat is detected or a file is found on a computer that might be harmful, it will disconnect that device from the network, notify us that it’s been disconnected, but still allow us to login remotely into the computer and neutralise that threat. Once we have confirmed that it’s safe again we can notify the user to continue working.
‘We can also roll back any scripts or changes that have been implemented. If ransomware has encrypted all your files, we can roll every single step back to what it was within minutes. You couldn’t do that twelve months ago.’
What happens when you think your business has been affected from a threat
The first thing you should do is stop working and disconnect your device from the network. Contact your supplier or IT company and let them know straight away. Then notify everybody in the business. A good service provider will help you through the whole process step by step.
Rather than find yourself or your business in a threatening situation, its preferable to have a comprehensive plan in place for prevention. Employee awareness and education, disaster recovery plans and backup, having the right anti virus software installed, and engaging a professional are all measures that can be adopted to prevent such attacks to your business.