It’s easy to think cyber security is an issue only large organisations face. But the unfortunate truth is living in this day and age, it’s something we should all be mindful of.
With the use of technology comes the ability for cyber hackers to infiltrate systems, gather sensitive information and exploit organisations of all sizes. CCIQ’s 2018 Digital Readiness Study, sponsored by Vodafone Australia and SureBridge reports that 70% of businesses surveyed have a strong level of concern about potential email attacks on their organisation. To paint a bolder picture, our recent article on cyber-attacks highlights that cybercrime is costing the Australian economy more than $1 billion each year. So, what are the common ways hackers scam their victims?
One of the most common scam hackers use to trick their victims is phishing. Phishing is defined as ‘when a hacker tricks an individual into giving them their personal and banking information.’ This can be gathered from generic texts, emails and websites that resemble legitimate organisations, people or services. They cast a wide net and target as many individuals as possible, with hopes someone will take the bait. When an individual does fill in their details to the site provided by the hacker, the hacker intercepts this information to gain access to the victim’s login. Now that the hacker has full access to the inbox of the individual they will comb through emails to work out how best to scam their victim.
A 2017 ACCC report highlighted phishing, identity theft and false billing to be one of most commonly reported scams, contributing in losses surpassing $4.6 million. This shows the very real and costly impact cyber threats have to individuals and businesses.
Lack of Staff Training
Hackers bank on individuals and businesses lacking training on what cyber threats are. It is imperative that businesses train their staff into the protocol of dealing with suspicious emails, texts and websites. Training can be organised annually to highlight the most common and recent ways hackers trick and manipulate information, as well as creating a process around suspicious emails and activities from co-workers. Unfortunately, all it takes is one employee to expose your organisation to a plethora of risks and that is what hackers are relying on. Training can be simple and conducted regularly to ensure your employees are aware of the risks and the ways in which hackers may attempt to manipulate them.
Effects of Cyber-attacks?
If you think Cyber-attacks are small and could not impact a business long term, think again. We discovered that 22% of small businesses were breached by the Ransomware attacks sweeping the nation and were so detrimentally affected that they could not continue operating. This statistic shows the devastating impact cyber hackers can have on small businesses even when a vast majority rely on antivirus software. Without vigilant cyber training, awareness and safety measures (e.g. multi-factor authentication) you risk putting your business, security and personal finances on the line.
What can be done to help prevent these cyber-attacks?
- Move away from free webmail platforms and invest in business grade email products. Paid webmail platforms are known to have added security measures to ensure your mail is better protected with more stringent spam filters.
- Conduct regular back-ups on all files and data. This can allow your company to continue its operation if hackers were to infiltrate your system and lock you out, like the Ransomware cyberattacks. The 2018 Digital Readiness Study found that this is a common process amongst survey respondents with 91% performing regular data and file back-ups.
- Conduct a split back-up between cloud-based storage and an external hard drive. This ensures your data is safely backed up in two secure locations. CCIQ’s Digital Readiness Survey revealed businesses are embracing cloud-based software with 78% of businesses using these applications.
- Train staff on how to remain vigilant against phishing emails. This will ensure your staff are informed, aware and can report on any suspicious activity.
- Ensure network security programs, software and hardware are up to date. In CCIQ’s recent Digital Readiness Survey it was noted that 62% of businesses reported their equipment was more than 2 years old. An organisation is only as safe and protected as its equipment and security. An organisations IT setup is its first line of defence against cybercrimes and should be kept up to date and enabled always.
Cyber security is a very real threat to small business. CCIQ’s 2018 Digital Readiness Study indicated 93% of respondents have a website presence, and therefore may be a future target. It is vital businesses stay informed, protected and vigilant in this day and age.