Your survival kit for fighting cybercrime

December 30, 2019

In 2019, cybercrime is set to cost Australia $29 billion

The numbers make for grim reading:

  • 1/3 of Australians fell victim to cybercrime in 2018
  • Every 10 minutes a cybercrime is reported
  • 23,000 businesses have already been attacked in 2019 (Jan – Oct)
  • 2 million malware instances have been detected in 2019 (Jan – Jun)

And it gets worse: by 2022 the average business cost of an attack is set to rise from the current figure of $276,323 by around 50%, to $414,484.

Source: REVEALED: The incredible cost of cyber attacks in Australia

Fear the acronyms

DoS, MitM, SQL

The most common cyber attacks in 2019 are:

  • DoS (Denial of Service): Where your network, servers and systems are flooded with traffic, so you can’t operate your business.
  • MitM (Man in the Middle): Where criminals intercept information travelling between you and another party so they can access and control systems and data.
  • SQL (Structured Query Language) injection: Where malicious SQL code is inserted into an application’s database queries to make your servers reveal sensitive information.
  • Malware: Where harmful software, such as viruses, worms, spyware, trojans or ransomware, is installed on your system.
  • Phishing: Where fraudulent emails are used to trick users into revealing private information such as passwords and financial information.

Source: 5 Most Common Cyber Attacks in 2019 and How to Prepare or Avoid Them

In 2019, phishing attacks have cost Australians


Phishing is unique in that it relies on users making a mistake – clicking on a link, opening an attachment or otherwise being tricked into activating the attack. Here are some ways to avoid it:

  • Check the email address: If you get an email that asks for personal information, check the sender and remember that banks, businesses and government will never ask for such information in an email.
  • Don’t click on the link: If there’s a clickable link in an email from a new or dubious sender, don’t click on it.
  • Don’t open the attachment: Malware can live in all kinds of attachments, from Word documents to PDFs to .exe files; unless you know the sender, don’t open – and certainly don’t download – anything.
  • Use two-factor authentication: This will help protect your information if a phishing attack succeeds and gets hold of your login details.
  • Update your systems: Security updates and patches are issued regularly by all software makers, so make sure you’re up-to-date.

Source: ScamWatch


Of a cybercrime’s cost is for detection and recovery

There’s no way to make your business completely safe from cybercrime, but there are steps you can take to minimise your risk:

  • Cybersecurity policies and procedures: Put these in place and make sure your staff stick to them.
  • Cybersecurity incident response management plan: Develop a response plan that supports your procedures.
  • Training: Train all staff on your policies and procedures and refresh them regularly.
  • System updates: Keep all your systems up-to-date with the latest security patches and updates.
  • Data backup: Ensure your business data is being regularly and frequently backed up to at least two locations.

Source: Business.gov.au: Cyber Security

81% of data breaches are caused by weak and/or stolen passwords. How can you stay safe?

Practicing good password hygiene is crucial. Here are some tips to fortify your login processes:

  • Encourage employees to not use a password more than once
  • Use multi-factor authentication
  • Use a reputable service such as HaveIBeenPwned to see if data has been compromised

Source: A whopping 78% of small businesses are being targeted by cyber criminals: Here’s how to stay ahead