Posted 27.02.2020 in Lifestyle
In this article we explore the scale of this risk and some of the ways you can protect yourself and your business, and we get some practical advice from a cyber security professional.
The more reliant we become on networked technology, the more exposed we are to the risk of cyber crime. Today, there are over 30 billion internet-connected devices on the planet, each a potential point of attack. Globally, the costs of cyber crime are staggering – projected at $US5.2 trillion over the next five years. The World Economic Forum currently ranks cyber security as the sixth most significant worldwide economic risk.
At a personal level, the impact on businesses and individuals can be devastating. So how great is the risk and what can you do to protect yourself?
Brian Smith is CEO of Slipstream Cyber, an online security specialist that helps businesses prevent and recover from cyber attacks. He says that almost everyone is at risk of cyber crime.
“Hackers are willing to take money from anyone, even if they’re not particularly likely targets – from physiotherapy practices, to not-for-profits,” Smith says.
Wealthy individuals and finance-related businesses are particularly at risk: “If you’re an individual or a business involved with shifting money around, or you’re holding a lot of sensitive data, then there is a particular risk.”
These attacks tend to move in waves, expanding rapidly through groups of interconnected people and businesses. “Last year, we responded to a particularly advanced malware-based attack,” says Smith. “The virus initially moved through the Victorian hospital network and found its way into local government, then targeted smaller businesses.”
Smith cautions that attackers often watch their targets for lengthy periods to identify their points of weakness before they strike. This means that people with a public profile or who are associated with a high profile organisation may be exposed to greater risk. “They’re very good at doing reconnaissance,” Smith says. “For example, they can estimate someone’s capacity and inclination to pay a ransom.”
A ransomware attack will encrypt an organisation’s or individual’s files, in order to demand a ransom for their release. Hackers may also break into an organisation’s email system to understand their transactions. This enables them to either issue invoices with false account information, or pretend to be a supplier to redirect payments.
“Once hackers get into the system to steal funds, they can be reputationally quite damaging as well as financially,” says Smith. “They can destroy relationships.”
Another common type of breach is data theft, where hackers scrape out information from emails and contact lists – often to launch further attacks against other people.
Smith warns that hackers often combine different types of attacks.
“Sometimes they start out with data theft, move into a fraud phase, and then perpetrate a ransomware attack. It’s also common for an attacker to breach an organisation to sell their data on the dark web, so that different threat actors will attack the same victim.”
The most immediate impact of a cyber attack tends to be the loss of private information, which may result in identity theft. For the business or individual that has been targeted, there is also likely to be a financial fallout, with funds being stolen, re-directed to hackers, or used to pay off a ransom.
According to a recent report, the average cost of cyber crime to a business in Australia is around $276,000. But depending on the nature of the intrusion, the impact can be far greater.
“We’ve worked on several cases where our clients lost in excess of a million dollars through misdirected transactions or extortion,” says Smith. “For small businesses, this kind of scale can be truly devastating.”
As well as direct financial impacts, cyber crime also causes immense disruption to individuals and businesses, as well as ongoing emotional distress. “The inconvenience and suffering cannot be underestimated,” Smith says. “You can have a lot of complicated decisions to make very quickly. So there are monetary impacts, but it can also be very time consuming and psychologically quite harmful.”
In addition to being vigilant about your own interactions with the digital world, you should also demand good practices from the companies you deal with. Smith recommends asking service providers some searching questions to determine how seriously they take cyber security, especially if they handle or invest funds on your behalf:
At Capital Partners we are constantly looking to strengthen our cyber security, stay vigilant and protect important information. For us, this task is simplified when those people we are working with are also vigilant in protecting themselves. We highly recommend speaking to an expert if you are unsure of your business or personal security.