Fears of hackers infiltrating a company’s system are growing among small businesses, most of which are not properly prepared.
More and more small business owners in Australia are worried about a cyberattack, something Sophie Contreras knows only too well.
The Brazilian samba teacher realized her work email and Instagram account had been infiltrated by hackers in January this year, the same day her father was hospitalized with Covid-19.
Ms Contreras said cybercriminals first hacked into her Gmail account, then changed her social media password and deleted emails from her inbox in the early hours of the morning in an attempt to cover their tracks.
Friends alerted her to the attack when they were contacted through the Instagram page asking for money and promoting cryptocurrency purchases.
The Melbourne resident said her business Fisica Dance suffered as a result.
“I feel so violated to know that someone has been in my personal business,” Ms Contreras said.
“(The hackers) had full conversations with people impersonating me…and it allegedly affected my reputation.
“I never worried about it before because I thought no one would bother to hack me, but they did.”
Ms. Contreras encouraged all social media users and small business owners to use two-factor authentication on their accounts, to change their passwords regularly, not to reuse passwords across multiple platforms, and to always be aware of the risk.
A recent study by Business Australia found that nearly half of small businesses in Australia were vulnerable to cyberattacks, with two in five businesses admitting they don’t spend money on cybersecurity.
He also revealed that 90% of attacks succeed due to human error.
Business Australia chief executive Phil Parisis said it was concerning that 68% of businesses did not have cyber insurance.
He said the threat from cybercriminals would only grow over time.
“Unfortunately, many believe that cybersecurity is all about technology and that they are protected by only one piece of software, which couldn’t be further from the truth,” he said.
“Small businesses are big businesses for cybercriminals because they are easy to target.
“Train your staff to be wary of emails and text messages and know how to spot these fake attempts to access your system.”
Mr Parisis said phishing emails were the most common way for hackers to gain access to an account.
He warned that free public Wi-Fi was another easy way for hackers to see every transaction on a person’s device in real time. Hacked phone numbers sending fake text messages that encouraged people to click on links to get there was another advantage for cybercriminals.
In the 2020-2021 financial year, 67,500 cybercrime reports were reported to the Australian Cyber Center (ACSC), an increase of almost 13% over the previous financial year.
An ACSC spokesperson said ransomware remains one of the most serious cyber threats due to its high financial impact and disruptive impact on individuals, businesses and the wider community.
They said cybercriminals compromising work emails have become more sophisticated and organized, especially as more and more people work from home.
“Fraud, online shopping scams and online banking scams were the most reported types of cybercrime,” the spokesperson said.
“Australian businesses are losing significant sums to business email compromise, with total losses of approximately $81.45 million in fiscal year 2020-21, an increase of almost 15% on to the previous year.”
The ACSC recommended that individuals enable automatic updates on their devices to fix security vulnerabilities and maintain a secure system, adding multi-factor authentication to devices and accounts, using strong passphrases, and backing up regularly devices on an external storage device or in the cloud.
Those who have been scammed or hacked should report the matter to the ACSC on 1300 CYBER1 (1300 292 371) or in line.
When it comes to large companies, Optus works closely with government, global intelligence experts and the group’s global security operations centers to closely monitor the national and international cyber situation.
A spokesperson said the company is continually improving its security to protect its network and customers.
“Using expert threat intelligence, analysis and recommendations, we aim to employ global cybersecurity best practices to protect our network and our customers,” they said.
Telstra designs, builds and manages its cybersecurity for its global network and uses a range of technologies and security controls to minimize cyberattacks on its systems and networks.
A spokesperson said the company is continually investing in its security capabilities.
“We also recognize that cybersecurity is as much about people as it is about technology, so we invest in programs designed to foster a strong culture of cybersecurity within the organization and to prepare our employees to help protect against a range of cyberthreats. different,” they said.
Telstra also offers a range of products for businesses and individuals to help protect against cyber threats.
A Coles spokesperson said the company has also invested significant resources in protecting its data.
“We regularly review cyber threats to ensure we are protecting against an ever-changing external environment,” they said.
Australian fintech company Afterpay also employs a comprehensive security program to protect the business and minimize the impact of any attack.
The company has not suffered any major breaches to date.
“Afterpay’s top priority is to provide a secure platform for our customers, merchants and partners. We maintain world-class systems to safeguard privacy, as protecting customer data is our top priority,” said said an Afterpay spokesperson.