Cyberattacks have been part of Australian organisations’ landscape for a long time now, and as businesses embark on a ‘digital-first’ approach we are seeing the cyber threat landscape expanding. Today, there are more cyberattacks, data leaks and ransomware activities than ever before.
This isn’t surprising, and most organisations around the world have been expecting cyberattacks to grow as we move into a digital world. What is concerning is that hackers are using more and more sophisticated strategies, including ransomware, and are increasingly targeting SMEs.
Recently, we’ve seen alarming reports about ransomware activity in Australia. Earlier last month, the ACCC’s 12th Small Business in Focus report revealed that the ACCC received 7,600 enquiries and complaints from small businesses in the first half of 2016, with ransomware cited as one of the biggest problems, leading small businesses to lose $1.6 million in scam activities.
Furthermore, Australia was recently found to be the second most targeted country in the world for ransomware attacks, and SMEs were revealed as the most targeted organisations. It’s clear that Australian SMEs have a serious cybersecurity challenge, which is only going to grow and evolve with time.
SMEs are up against costly organised cybercrime
When looking at the sophistication of cybercrime today, especially ransomware, and considering that the sophistication and frequency of attacks is increasing, it is fair to view cybercrime as organised crime. Today’s hackers have become very powerful, mostly because IT now has a role to play in every part of a business’ organisational structure and strategy.
Ransomware is a type of malicious software designed to block access to a computer or mobile system until a specific sum of money is paid. Contrary to many other attacks where organisations might get part of their data corrupted or have their IT systems down for several hours (which already can be very damaging), ransomware’s primary aim is to get money from the organisation targeted.
In a recent study by the Ponemon Institute, the cost for companies was revealed as being up to US$2.64 million with an average of US$142 per lost or stolen record – a financial loss which can significantly impact large organisations, and that can potentially put small or medium organisations out of business.
The problem with ransomware is that it can come from many different sources. The ransomware threat is constantly evolving, making it very difficult for small and medium organisations with limited IT budgets and security expertise to counter.
Or does it?
Hackers increasingly use ransomware against SMEs because these organisations often don’t consider themselves as potential targets, or think they can’t fight against such sophisticated attacks. In April 2016, an expert from CERT Australia explained that most Australian organisations suffer ransomware because they make basic mistakes.
So what can be done?
1. Education is key
Working with Australian SMEs for over 20 years, I have realised that the first problem encountered when talking about security is a lack of knowledge and education on the matter, both from the executive and IT management levels. If SMEs invested time in educating their teams, they would greatly decrease their likelihood of falling victim to ransomware attacks.
Most importantly, business decision makers need to understand the value of their organisation’s data. Despite multiple warnings, organisations continue to store more and more data without increasing their security or training their teams about the value of the information they are working with and exchanging with clients and other third parties.
Running fictional scenarios is a great way of making organisations, and particularly CEOs or key business decision-makers, realise how much they would lose financially and in terms of reputation if part of their data were stolen or inaccessible for a certain period of time, and only restored if they were willing to pay significant amounts to hackers.
Making security a business priority is key to making sure IT teams get enough support to protect the organisation against ransomware.
2. Empowering staff
IT teams are, of course, the main and most obvious stakeholders when it comes to guaranteeing the security of an organisation. However, when it comes to ransomware, end-users are key and education once again plays a role.
Hackers are often successful because they are appealing to end-users’ carelessness. Most ransomware pushes online users into clicking on an infected popup advertisement, visiting an infected website, or downloading an infected file from an email. The second step of the process is locking the victim’s files and asking for a ransom to “unlock” them.
Unfortunately, many companies don’t properly train their staff on cybersecurity issues, and still under-estimate the consequences of staff using weak passwords to access their professional applications. Educating employees on the potentially severe consequences of a simple careless mistake is the best way to empower each individual to prevent ransomware.
Security should be everyone’s concern, from the CEO to customer service operators – not only IT. Ransomware can be fought only if security is put at the heart of the business strategy – on the same level as any other business goal, with its own KPIs.
3. Getting the right expertise
SMEs’ IT teams, although very well trained, don’t have the time to proactively secure an entire organisation’s infrastructure.
It is important for business leaders to understand that with the increasing complexity of the cyber threat landscape, IT teams need to be regularly trained on the latest hackers’ strategies. If IT teams aren’t trained properly and don’t know about the latest threats, they won’t be able to alert the staff nor give them guidelines or recommendations to prevent more attacks.
Neither will they be able to alert the appropriate executives or teams about the need to increase security spend by investing in certain technologies.
SMEs represent a large part of Australia’s economy, and will continue being targeted by ransomware as they continue to digitise and collect valuable data. It actually doesn’t matter whether or not a hacker thinks your data is important – if you think it’s important, then you are a potential target.
James Walker is the Founder and Managing Director of Brisbane-based IT services provider Computer One