7 tips to avoid cyber attack

Following an alarming rise in cyber attacks against Australian businesses, experts are warning January is a prime time for ransomware attacks.

Cyber-attacks are up 30 per cent in the last six months as cyber criminals exploit the pandemic and a remote and the ongoing pressure of remote working.

Experts are warning Australian small businesses owners to ensure their business is well set up in 2022 to avoid being a primary target for cybercrime. 

Business Australia General Manager Products Phil Parisis says Australian businesses can be easy targets with SME’s accounting for nearly half of all cyber-crime incidents.

“Research shows that business owners are aware of cyber-crime, but they are just not prepared – 90 per cent of attacks are still successful due to human error.

“We often hear from businesses that ‘I’m just a small law firm, a building company, why would anybody target me?’.”

Mr Parisis said the reality is that cyber criminals don’t necessarily target you.

“Mostly you become an accidental victim of a large, broad scale phishing attack. Then all it takes is one employee to make a mistake and it triggers an interest in your business.

“Attackers are also incredibly creative at playing on human emotions, creating links someone is most likely to click.”

He said there has been a huge increase in phishing campaigns that revolved around trending topics like coronavirus vaccines.

“It’s the easiest way to infiltrate a business and hold it hostage – and there are TikTok videos showing exactly how this is done within minutes.

“Business Australia has launched Business Australia Cyber, specially designed to help small businesses learn how to spot cyber risks and prevent attacks with a Cyber Security Health Check.

Seven practical steps for businesses to prevent a cyber-attack in 2022

1. Create a human firewall: Building a human firewall or educating yourself and employees is the most effective way of preventing a cyber-attack.
2. Protect your passwords: It’s critical that passwords are not easy to guess. It might be worth considering a password manager and a multi-factor authentication, providing a second wave of authentications.
3. Beware of public Wifi: Logging on to a public Wifi is one of the easiest ways to get hacked. If you, or members of your team, are working remotely, a safer option hot spotting to their phone.
4. Careful with what you buy: Cheap cables for iPhone charges have been found to have malware from, best to go with store approved products.
5. Upgrade your software: Ensure all your devices’ operating systems are upgraded regularly. These will include recent security patches.
6. Consider insurance: Cyber insurance doesn’t reduce the risk; it reduces the financial impact of a cyber-attack. It can also help a business recover faster.
7. Update business policies and procedures: Ensure your business processes are up to date to protect, prevent and recover from any suspicious behaviour.