Home United States USA — software Ombudsman says SMBs are a growing target for cybercrime in Australia

Ombudsman says SMBs are a growing target for cybercrime in Australia

234
0
SHARE

As the threat escalates, Australian Small Business and Family Enterprise Ombudsman has said knowledge of where small-to-medium businesses should turn in the event of a cyber attack is also unclear.
According to Kate Carnell, Australian Small Business and Family Enterprise Ombudsman, half of small-to-medium enterprises (SMEs) operating in Australia believe their limited online presence protects them from cybercrime.
However, Carnell believes the opposite to be true — that the presence they have does make them a prime target for cyber criminals.
Speaking at the ASIAL Security Conference in Sydney last week, Carnell said a lot of SMEs don’t think they have anything warranting a cyber attack, believing criminals instead would target the « big guys ».
« They know the big guys have really cool systems and they know the little guys haven’t,  » she explained. « Cyber criminals now are attacking small businesses as a result, very, very regularly. »
A former pharmacy owner, Carnell said she employed a range of physical security practices, including multiple safes, as a way of preventing the bad guys from accessing both her business’ money and medication. But now, she said the threat to a pharmacist is the world — not just a few known local nuisances.
« Everybody can attack the computer system in a pharmacy,  » she said.
« Small business are attacked for a whole range of reasons, one is their systems are pretty low, their knowledge in the area is pretty low, they don’t have in-house IT people, most people don’t really understand this stuff at all … and they have a tendency to pay accounts and invoices quickly. When you get a false account, they have a nasty habit of being paid. »
According to the ombudsman, the average cost to businesses as a result of an online scam is about AU$10,000, with most of the scams coming in via email or phone.
30 percent of small businesses reported experiencing a cybercrime incident in the year to mid-2015 — a 109 percent increase over the year prior. Carnell, however, is certain that figure was a lot higher as a lot of small businesses don’t want to admit they’ve fallen victim.
Australia is a nation of small business operators — defined by the ombudsman as business employing less than 20 employees and by the Australian Taxation Office as businesses turning over below $10 million.
In Australia right now, 97 percent of business are small businesses employing less than 20 employees — that is 2.1 million individuals employed by a small business.
« The vast percentage of businesses in this country fall into that category,  » she said.
Carnell added that many do not have a chief operating officer, in-house lawyers, or IT folk. They don’t really get cybersecurity even though they know it’s a problem, and the CEOs are often actively running the day-to-day business with an office structure around them. As a result, cyber protection is often forgotten.
« This is starting to be a bigger impact among our economy … than some traditional forms of crime,  » she explained, but noted that the challenge for many SMEs is they don’t know how to protect themselves.
« The reason they don’t know how to deal with it is that there’s so much stuff in the space across government … there’s a lot of different parts of the federal government dealing in the cybersecurity space.
« But from a small business perspective, where do you go? Do you go to ASIC, the AFP, Scamwatch, the ATO? »
Previously, Opposition Leader Bill Shorten said that millions of SMEs in Australia need the federal government to help them stay safe in the digital world .
« They need [help] in the way that’s simple enough for them to incorporate it into their business and that they can afford,  » Shorten said, addressing Parliament in November. « This means having the resources to design cyber defences for products, processes, and people. »
With grants of up to AU$2,100 becoming available next year to SMEs to support a cybersecurity IT system, Carnell said Australia is still a mile away from small businesses knowing where they have to go to report and what they have to do to be safe.
« 60 percent of small businesses that have a major cyber attack go broke within 12 months,  » she said.
« This is a huge problem and it’s a major opportunity for the cybersecurity industry. »

Continue reading...