Three Everyday Cyber Threats Facing Australian Businesses

what is malware

Common Cyber Threats Facing Your Business

Cyber threats against organisations of all sizes have increased dramatically year on year and are expected to continue to rise. Here are three types of common cyber security threats facing businesses in Australia.

1. Malware

What is malware? Malware is malicious software designed to cause harm to a user’s device or organisation’s IT infrastructure and data. There are different types of malware, including viruses, spyware, keylogging, trojans, worms, etc.

It gains access to your devices or business network via a variety of routes and is generally after sensitive information, such as credit card details, customer details, bank accounts, passwords, etc.

Why is malware used? It’s typically used for financial profit, but it can also be used for other motives such as:

Businesses working with staff or 3rd parties who connect remotely, need to be aware that BYOD and unmanaged devices were increasingly targeted in 2020. These devices are more exposed and can put your business’s data at significant risk.

Who uses malware? Malware can be created and deployed from anywhere in the world today, against any person or organisation. Malware tools range in complexity and are becoming more readily available on the dark web, to the point where cyber criminals are able to subscribe to a (MaaS) Malware As A Service which provides a botnet that distributes malware for them.

How To Protect Against Malware Attacks

common cyber threats australian business - 9spheres technologies brisbane

2. Phishing

What is phishing? Phishing attacks usually come in the form of emails and are built to look like authentic correspondence from a business or person you may know or trust. Their aim is to get you to open a link or download an attachment in order to either install a piece of malware on your device or to request sensitive information such as bank account details. Modern phishing attacks have become very sophisticated and are more difficult to identify without the correct software.

Phishing is a numbers game. Phishing emails are usually sent to thousands of people in the hope that a small percentage will fall victim. Scammers can net significant sums of money through this method. A few common types of phishing include:

  • Phishing (low sophistication, many targets)

Usually general emails with obvious warning signs, sent to thousands of targets.

  • Spear Phishing (high sophistication, less targets)

Fraudulent and sophisticated messages sent to a specific individual, usually the business owner, receptionist or finance and payroll manager.

  • Whaling (high sophistication, less and high value targets)

Spear phishing aimed at very big fish like CEOs.

How are phishing attacks delivered Modern phishing attacks are no longer purely delivered via email. Other methods used include SMS, Instant messaging and social media.

How To Prevent Phishing

These are some of the ways you can avoid becoming phishing victim:

cyber crime - 9spheres technologies brisbane

3. Ransomware

What is ransomware? Ransomware is a specific type of malware that can lock down your business network, computers, files and/or entire IT infrastructure, until a ransom is paid. Ransomware attacks are typically carried out via a malicious but legitimate looking email link or attachment. When downloaded or opened, most ransomware encrypts a user’s files, then demands a ransom to restore access – typically payable using cryptocurrency, like Bitcoin.

A common method used to target Australian businesses in 2020 was for cyber criminals to use a combination of Emotet or Trickbot malware (spread via phishing emails) to gain access into a business network and then deploy Ryuk ransomware.

The Australian Cyber Security Centre rates ransomware as one of the greatest threats facing Australian businesses because:

Never pay a ransom.

You are not guaranteed to regain access and may be vulnerable to future attacks.

Download Our Cyber Security Checklist

How To Prevent Ransomware

Case Study: Ransomware Attack On Lion

On June 9 2020, Australian beverage giant Lion announced it had fallen victim to a cyberattack that forced the company to shut down its IT systems, limiting its manufacturing and order placement.

The attackers threatened to publish or auction confidential company information unless a ransom of $1 million was paid. Proof of stolen confidential files were posted on the dark web along with a ransom note:

You have 5 days to contact us and pay, otherwise all your financial, personal information your clients and other important confidential (sic) documents will be published or put up for auction,” the attackers said.

Proactively Prevent Cyber Attacks

One of the most effective prevention strategies against cyber crime is using the services of a managed security service provider. At 9spheres Technologies our clients can get on with business knowing that their IT infrastructure is constantly being monitored and proactively maintained by a certified team of experts. Professionals who are up to date with the latest threats and response measures.

We can put together a security plan and data backup and recovery plan that best suits your business needs and budget.

9spheres Technologies has been helping businesses in and around Brisbane stay secure since 2009. Chat to us about your needs and we can work out a solution with you. Book a free consultation with us here.

Get In Touch