To date only 12 Australian businesses have been hit by the global ransomware WannaCrypt and WannaCry. Unsurprisingly the victims were all small businesses.
While Australian businesses seemed to largely avoid the chaos, both the government and experts have warned small business lacks the resources and knowledge to ward off cyber crooks.
Australian Chamber of Commerce and Industry chief executive James Pearson said while big companies and the government understood the threat of cyber attack, many small businesses did not fully appreciate the problem.
"Often the people running them aren't fully aware of the risks and don't have the tools available to mitigate them," he said.
"I hope that the publicity given to this latest ransomware attack will be a wake-up call for small and medium businesses across the country."
“Small businesses are frequently a more appealing target for ransomware because they sit at the juncture of money and vulnerability. They frequently have more money than individuals, but being small businesses, they lack the more sophisticated defenses that larger business have. - Ryan Olson, director of the Palo Alto Networks Unit 42 cybersecurity threat intelligence team.
“These attackers have also learned that the most profitable method is to hit many small businesses with low ransom demands—usually $300 to $2,000. Even small businesses can generally afford to pay those amounts.” — Eric Hodge, director of consulting, IDT911 Consulting
For many small businesses, if the ransom is low enough, and data backups aren’t available, the most cost-effective response is often to pay the ransom, says VoicePlus SMB specialist, Andrew Cutugno.
"It's sad because most small businesses can't really afford to lose $300 or $500 to a hacker, but it is happening all over Australia, more often than you might believe.
"I often meet small business owners who have only made contact with VoicePlus because they have already been the victim of ransomware, and don't want a repeat attack."
To avoid being caught is simple, says Cutugno.
Small business can not afford to spend thousands on network security, but also can not afford to do nothing. VoicePlus has inexpensive solutions designed specifically for small business including threat monitoring.
The Prime Minister's Cyber Security Advisor Alastair MacGibbon and officials from the Australian Cyber Security Centre have launched an investigation into how Australia avoided the worst of the attack, which hit 200,000 companies and organisations in 150 countries by locking computers and holding users' files for ransom.
"We may have dodged a bullet this time but rest assured there will be another bullet we'll have to dodge in the future," Assistant Cyber Security Minister, Dan Tehan, told The Australian Financial Review.
Related Blogs