Back in July 2021, Daniel Battaglia spent the longest 36 hours trying to avert a cyber attack that could have inflicted major damage on his company.

Battaglia’s web-based business was attacked by cyber criminals when malware was placed on his website.

The attack was picked up by Google Search Console as a security warning.

He recalls the biggest threat to his business was the potential for hackers to steal his clients’ personal details and passwords.

“The scariest part of this is having a public website with tens of thousands of visitors every month, transacting with their credit card details; it could’ve easily turned into a nightmare. Thankfully, Stripe payments are secure on the website. But, I felt anxious and a big sense of urgency to get it resolved.”

Battaglia quickly hired a web developer specialising in cyber security to check and update the content management system with the latest security software. The developer scanned the website to remove any infected files and ensured the security program was working.

“Fortunately, this was resolved within a relatively short period, but it was a potential for disaster. It caused me so much stress over that 24 to 36 hour period and I had to pay higher rates to a contractor to secure the tech platform immediately,” says Battaglia.

The experience has taught him to ensure all systems and software are current.

“Now, I keep systems up to date. I’ve learnt to expect a tech failure at some point and to have backups ready. Get help immediately, even on websites like freelancer.com or upwork.com, where you can find experts at good prices.”

Battaglia is one of an increasing number of small and medium enterprises (SMEs) that have been victims of cyber attacks.

A study from Software Advice found that four in ten SMEs in Australia have fallen victim to cyber attacks since the pandemic began in 2020.

During the pandemic, businesses invested in technology solutions as a way to survive and combat any remote working issues but, in doing so, have seen a rise in criminal cyber activity.

Aside from remote working, there were other reasons for an increase in attacks, including the introduction of cloud-based systems.

Cost not the only impact of the attacks

The survey found that, of those SMEs that were affected by a ransomware attack and paid the ransom, more than one-quarter (27 per cent) confirmed their company paid between $30,000 and $60,000, regardless of whether they retrieved the stolen data or not.

Respondents were also impacted by loss of reputation (38 per cent), loss of clients (35 per cent), and loss of employees (12 per cent).

Frank Santucci, chief technology officer of cyber security company Paraflare, said the depth of attacks on SMEs typically ranges from a surface disturbance through to the full devastation of a business and its environment.

“What is apparent in all the attacks is the psychological toll it takes on the individuals in the business, and sadly the damage to their reputation that has been hard fought to build.”

He said the most common attack is theft of credentials (username and password) to access a system through legitimate means before executing an attack.

A popular method to steal these credentials is through phishing campaigns which often result in either a ransomware attack or a ‘virus’ that allows for remote command and control of computer systems.

“Phishing emails are designed to look like they’re from a legitimate source, such as your HR department, the CEO or one of your suppliers. It takes a keen eye to spot the difference between a legitimate email and a good phishing email.

“When it comes to ransomware, we’ve seen companies pay the ransom to a cyber criminal to have their files released, only to find out the threat remained within their network, waiting for the next opportunity to strike,” he adds.

Many small businesses express surprise that an organised crime gang or nation would attack them at all.

“Your business may not be the target of the attack, it might have simply been caught up in a widespread attack and sadly, fallen victim,” Santucci added.

What do they want?

Santucci said cyber criminals are generally looking for weaknesses or opportunities to exploit an environment for gain or advantage.

“That gain can take many forms including financial, intellectual property, personal information – or often with SMEs, to stage an attack on your supply chain, think, your bigger partners.”

Santucci recommends SMEs take the following actions to reduce attacks.

  1. Maintenance: Treat cyber as an activity that requires regular maintenance. Make it a monthly task in which you endeavour to make one improvement, however small.
  2. Compliance: Check your cyber security compliance against the Australian Signals Directorate Essential 8. These are the 8 mitigation strategies to protect you against cyber threats.
  3. Patching: Make sure you’re patching your systems systematically to close any security shortcomings that will let cyber criminals in.
  4. Education: Talk to your workforce about how individual cyber security contributes to an organisation’s security. Include mandatory cyber security training for your employees. Encourage employees to be suspicious of unusual activity and emails. If there’s any uncertainty about an email, call and check before opening an attachment or clicking a link.
  5. Planning: Have a plan in place in the event of a cyber attack. Keep it up to date. Have a clear process, including how you will communicate with staff, what you will tell your customers and the steps you need to take to restore your business. Include details of a cyber security service to investigate the attack if required.