This year's massive ransomware attacks which affected hundreds of thousands of people in more than 150 countries are a reminder for Australian small businesses to prioritise strengthening their cyber security measures.
May's WannaCry ransomware attack exploited a vulnerability in Windows computers, which did not have up-to-date security patches. This allowed files to be encrypted and held to ransom, with users asked to pay $300-$1200 in the bitcoin currency to free their files.
Hot on the heels came June's Petya attack, which exploited some of the same weaknesses and again played havoc with businesses across the world.
The attacks highlight how following simple steps can play an important role in limiting cyber security exposures. And although only a handful of Australian businesses were impacted, John Apter of Gallagher Insurance Brokers says that there’s no room for complacency.
“Australia got off lightly from these attacks, but the sheer speed by which the ransomware spread should be enough to place this issue at front and centre for business owners across the country,” said Apter.
“This attack also highlighted the fact that any business is a target for cyber criminals – not just big business. Indeed, what this attack has shown is how vulnerable small businesses can be to cyber-attacks, simply through not following basic security measures.”
Apter recommends all businesses look to minimise their cyber security exposures in the following ways:-
“More than 85% of ransomware attacks can be avoided by following best practice IT security measures, said Apter.
"And while cyber insurance will not stop ransomware attacks from happening, it can be invaluable in helping to recover lost costs associated with such attacks – including loss of business income brought about by the inability to trade throughout the duration of the attack."
"As such, it should form part of every business’s holistic approach to handling cyber security threats.”