The latest cyber threat report from the Australian Cyber Security Centre warns that businesses including hotels, restaurants and auto repairers were being “robbed, held to ransom, or shut down”.
The centre identified 47,000 cyber security incidents in 2016-17 — a 15 per cent increase on the previous year — and more than half were online scams or fraud. Cyber Security Minister Dan Tehan has said “business is booming for cyber criminals” and mums and dads, small business owners need to protect their data, money and identities.
“The days of the cyber threat being deployed by a hooded computer geek in a basement are over and sophisticated organised criminal networks are taking control and franchising their business mode” he said.
Your SME clients are vulnerable
“Small businesses in particular were targeted by themed phishing emails, which use common payment arrangements to steal money,” Tehan added.
“They are using increasingly personalised techniques to trick their victims. They will then create a fake invoice that looks exactly like the original and change one thing: the bank account details.
“The small business pays the invoice thinking it is going to the stationery supplier, for example. No one is any the wiser until the stationery company calls chasing its unpaid invoice.”
— Cyber Security (@CyberGovAU) October 10, 2017
The report showed that overall, 7283 cyber security incidents had affected major Australian businesses. The ACSC also responded to 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.
Tehan revealed that in November, a hacker had compromised the network of a small Australian company with contracting links to national security projects. “Most concerning is that these attacks were more elaborate than the attacks we have seen in previous years,” he said.
The ACSC found one area of focus for criminals was business email compromise through targeted phishing emails. Over the course of 2016-17, reports to the ACSC indicated losses of over $20 million related to business email compromises. This was more than double the $8.6 million in 2015-16.
Talk to your clients about their connected homes
In a truly frightening revealation Tehan said the hackers were watching, and listening, to babies as they sleep with in-home baby monitors being targeted by hackers. 81 per cent of hack attacks a result of stolen or weak passwords.
But in good news, the Australian Signals Directorate responded to fewer cyber security incidents considered “serious enough to warrant operational responses”. Last financial year, the ASD responded to 671 of such incidents, down from 1095 in 2015/16. Tehan encouraged Australians to report suspected cybercrime to authorities.