In 2019, cybercrime is set to cost Australia
The numbers make for grim reading:
- 1/3 of Australians fell victim to cybercrime in 2018
- Every 10 minutes a cybercrime is reported
- 23,000 businesses have already been attacked in 2019 (Jan – Oct)
- 2 million malware instances have been detected in 2019 (Jan – Jun)
And it gets worse: by 2022 the average business cost of an attack is set to rise from the current figure of $276,323 by around 50%, to $414,484.
Fear the acronyms
DoS, MitM, SQL
The most common cyber attacks in 2019 are:
- DoS (Denial of Service): Where your network, servers and systems are flooded with traffic, so you can’t operate your business.
- MitM (Man in the Middle): Where criminals intercept information travelling between you and another party so they can access and control systems and data.
- SQL (Structured Query Language) injection: Where malicious code is inserted into your servers to make them reveal sensitive information.
- Malware: Where harmful software, such as viruses, worms, spyware, trojans or ransomware, is installed on your system.
- Phishing: Where fraudulent emails are used to trick users into revealing private information such as passwords and financial information.
In 2019, phishing attacks have cost Australians
Phishing is unique in that it relies on users making a mistake – clicking on a link, opening an attachment or otherwise being tricked into activating the attack. Here are some ways to avoid it:
- Check the email address: If you get an email that asks for personal information, check the sender and remember that banks, businesses and government will never ask for such information in an email.
- Don’t click on the link: If there’s a clickable link in an email from a new or dubious sender, don’t click on it.
- Don’t open the attachment: Malware can live in all kinds of attachments, from Word documents to PDFs to .exe files; unless you know the sender, don’t open – and certainly don’t download – anything.
- Use two-factor authentication: This will help protect your information if a phishing attack succeeds and gets hold of your login details.
- Update your systems: Security updates and patches are issued regularly by all software makers, so make sure you’re up-to-date.
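The sender, link and attachment checks above can also be run automatically before a message reaches a user. The following Python sketch is an added example, not part of the original page. The known-sender list, the flag names and the sample message are constructed assumptions, and the link-text mismatch check goes slightly beyond the tips listed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: attachment types named in the tips (Word, PDF, .exe).
RISKY_EXT = (".exe", ".doc", ".docx", ".docm", ".pdf")
KNOWN_SENDERS = {"accounts@supplier.example"}  # assumption: senders already known

# Constructed sample message (not real mail).
SAMPLE = """\
From: "Example Bank" <security@examp1e-bank.example>
Subject: Verify your account
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Please confirm your password at
<a href="http://login.examp1e-bank.example/verify">https://www.examplebank.example</a></p>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="statement.exe"

placeholder
--b1--
"""

def triage(raw, known=KNOWN_SENDERS):
    """Return a list of warning flags for one raw email message."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    unknown = addr.lower() not in known
    flags = ["unknown-sender"] if unknown else []
    for part in msg.walk():
        name = part.get_filename()
        # Attachment tip: risky file type from a sender we do not know.
        if name and unknown and name.lower().endswith(RISKY_EXT):
            flags.append("attachment:" + name)
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, text in re.findall(r'<a[^>]+href="([^"]+)"[^>]*>(.*?)</a>', html, re.S):
                host = re.sub(r"^https?://", "", href).split("/")[0]
                # Link tip: any link from an unknown sender, or visible URL that hides another host.
                if unknown or (text.startswith("http") and host not in text):
                    flags.append("link:" + host)
            # Sender tip: the message asks for private information.
            if re.search(r"password|pin|card number", html, re.I):
                flags.append("asks-for-credentials")
    return flags
```
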
Of a cybercrime’s cost is for detection and recovery
There’s no way to make your business completely safe from cybercrime, but there are steps you can take to minimise your risk:
- Cybersecurity policies and procedures: Put these in place and make sure your staff stick to them.
- Cybersecurity incident response management plan: Develop a response plan that supports your procedures.
- Training: Train all staff on your policies and procedures and refresh them regularly.
- System updates: Keep all your systems up-to-date with the latest security patches and updates.
- Data backup: Ensure your business data is being regularly and frequently backed up to at least two locations.
Source: Business.gov.au: Cyber Security
81% of data breaches are caused by weak and/or stolen passwords. How can you stay safe?
Practicing good password hygiene is crucial. Here are some tips to fortify your login processes:
- Encourage employees to not use a password more than once
- Use multi-factor authentication
- Use a reputable service such as HaveIBeenPwned to see if data has been compromised