Search for insurance help
What types of Cyber Attacks Can Happen to My Business?
Business Insurance
Cyber Insurance
Technology Sector Insurance
Internet & Webservices Insurance
Hardware & Networking Insurance
Software Developer Insurance
IT Services Insurance
Cyber attack stats for SME businesses
Cyber attacks are increasingly a part of business operations. Alarmingly, the Australian Cyber Security Centre reports that it received over 76,000 cyber crime reports in FY 2021/2022. With some types of attacks increasing by over 500% in the preceding 3 years (1).
Australian SME businesses, however, have often taken the view that it would not happen to them, with many choosing to turn a blind eye rather than take measures to protect themselves.
Ignoring the issue continues to prove costly for many SME businesses, with mid-sized businesses making up over 65% of cyber claims. Furthermore, mid sized businesses statistically have the highest cost of recovery at an average of $88k per reported incident (1).
So what can you do to understand and prevent cyber attacks on your business?
What is a cyber attack?
Cyber attacks are attacks on your technology or data (including information you create, store or collect). This attack might result in your systems going down, preventing your business from continuing its operations. It may include accidental or illegal access to your information and data, data corruption or data theft.
Cyber attacks may originate from a malicious third party, come from within or happen as a flow-on effect from compromised supplier or client systems. One report received by the ACCC regarded a business that lost $190,000 paying invoices into an incorrect account. The issue arose after a supplier’s email had been hacked, invoice payment details changed and incorrect invoices sent out to customers.
What types of cyber attacks happen to a business?
One of the most prevalent types of cyber attacks on SME businesses is phishing. Alarmingly 1 in 5 SME owners in 2020 had never heard the term (2). Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords, credit card numbers, or bank account details by impersonating a legitimate entity or person. Phishing can take various forms, such as emails, phone calls, text messages, or websites. The attackers often use social engineering techniques to trick the victims into clicking on malicious links, opening attachments, or providing personal information. Phishing can lead to identity theft, financial losses, or malware infections.
Another common type of cyber attack is ransomware. Ransomware is a type of malware that encrypts the victim's files or systems and demands a ransom for their decryption. Ransomware can affect individual devices or entire networks, depending on the sophistication of the attack. Ransomware can cause severe disruption to a business's operations and data availability. Ransomware can also expose the business to legal risks if the attackers threaten to leak sensitive or confidential data.
A third type of cyber attack that can happen to businesses is denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. DoS or DDoS attacks are attempts to overwhelm a website or server with excessive traffic or requests, rendering it slow or inaccessible. DoS or DDoS attacks can affect a business's online presence, customer service, and revenue. DoS or DDoS attacks can also be used as a diversion tactic to hide other malicious activities.
A third type of cyber attack that can happen to businesses is denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. DoS or DDoS attacks are attempts to overwhelm a website or server with excessive traffic or requests, rendering it slow or inaccessible. DoS or DDoS attacks can affect a business's online presence, customer service, and revenue. DoS or DDoS attacks can also be used as a diversion tactic to hide other malicious activities.
QUESTIONS? JUST ASK
Aimee Henderson
How can I protect my business from cyber attacks?
Protection from cyber attacks needs to include both preventative and restorative measures. Educating yourself and your staff in what to look out for is the most basic preventative step.
Reviewing your cyber risk and implementing security processes on all systems is also a critical measure. Something as simple as implementing 2 Factor Authentication on all devices has been shown to drastically reduce a business’s exposure to cyber attack by up to 80-90% (3).
Given the fast release of new types of attacks, even with strong security measures many businesses will fall victim to a cyber attack. A tailored and robust cyber insurance policy will help to cover your business for damage and in many cases assist in getting the professional help required to rehabilitate the business, its customers and its reputation.
Speak with us today at Grace Insurance about how cyber insurance can help protect your business from the real and present danger of cyber attack.
(1) Annual Cyber Threat Report 2021-2022
(2) Cyber Security and Australian Small Businesses. Results from the Australian Cyber Security Centre Small Business Survey
(3) Tech CEOs: Multi-Factor Authentication Can Prevent 90% of Attacks. Muncaster, Phil. Infosecurity Magazine. 3 Sep 2021.
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.
All information above has been provided by the author.
All information above has been provided by the author.
Aimee Henderson, Grace Insurance, ABN 63 133 156 742, AFSL 233750
Related articles
QUESTIONS? JUST ASK