Small businesses face greater threat from computer hackers, report warns

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.abc.net.au/news/2015-10-12/small-businesses-under-greater-threat-from-computer-hackers/6846024

Cyber-crime is estimated to cost Australian businesses up to $1 billion
every year, and the report claims 60 per cent of businesses hit by a cyber
attack went out of business within six months.

However, small business-owners have largely indicated they did not believe
they were in danger of being targeted.

The report shows only a quarter of small business owners thought they were
at risk of having their data stolen and held to ransom, and less than half
kept their anti-virus software up to date.

Only 2 per cent of small businesses treated protections against hacking as
a priority.

Cybersecurity expert Matt Tett said many people mistakenly believed large
companies, like cheating website Ashley Madison, were more likely to be
targeted by hackers.

"Small businesses, they're really the ones at risk, you hear about all the
big ones, they're the big names, but small businesses are the ones that are
being targeted by things like ransomware and cryptolocker," he said.

Ransomware works by invading a computer system and locking a user's access
to certain files.

A user can regain access by paying a ransom to the hacker.

Cryptolocker works on a similar premise, but encrypts all the files on a
computer.

Mr Tett said the relatively small ransoms requested meant small businesses
often pay hackers, rather than have the malicious software removed by a
professional.

"The criminals are really looking to get paid $400, $500, $1,000," he said.

"At the end of the day if it's going to take you a week to recover your
information, people would rather pay the $500 and get their data back
straight away."

Awareness key to fighting cyber attacks

Monday marks the start of the Federal Government's Stay Smart Online Week,
and the Government has published a new guide, detailing how businesses can
improve their network's security.

The guide calls for businesses to take simple steps, such as creating
complex passwords, and backing up data, to safeguard against hackers.

But Mr Tett said awareness was the single largest factor in preventing
hacking attacks.

"Some people don't even practise the basic steps," he said.

"You don't leave your car unlocked in the main street, you don't leave your
house unlocked, people are still doing that with personal devices and their
networks."

The report indicated the money lost by businesses each year is growing, and
Mr Tett said business owners could no longer ignore the need for
cybersecurity.

"It's like any technology - people bury their heads in the sand and think
'well, I don't have time for that," Mr Tett said.

"Particularly small businesses, they're financially strapped, they're
resource strapped, they're focused on ensuring their business is surviving
and they're making money."

"They're not necessarily thinking about risks like this."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!