3 minute read
Capricorn Rewards
The insurance protection you need, and you might not have yet
If you thought cyber criminals took a break throughout Covid-19, it might be time to think again.
Over the last 12 months, a cybercrime report was made every 8 minutes in Australia, an increase of nearly 13% from the previous financial year. Also, one in three New Zealanders have reportedly fallen victim to cybercrime.
Aside from people feeling shocked that this could happen, cybercrime is causing a big economic impact too, with financial losses now totalling more than AUD$33 billion in Australia and NZD$198 million in New Zealand in the last financial year.
And cybercriminals aren’t just targeting large businesses. According to the Australian Cyber Security Centre, small businesses made a higher number of cybercrime reports; however, medium-sized businesses had the largest reported losses due to cybercrime, losing on average AUD$33,442 per cybercrime report - over AUD $14,000 more than the average loss for large businesses.
Why are they targeting small and medium businesses? Often because small to medium businesses don’t have sophisticated IT security systems often found in larger companies.
Haydn from Alltorque Diesel in Western Australia fell victim to a type of cybercrime called ‘business email compromise’ which now accounts for approximately AUD $80 million of all cybercrimes. Two months ago, cyber criminals intercepted emails between Haydn and a customer, allowing the criminals to impersonate Alltorque Diesel.
The criminals sent emails to a customer explaining Haydn had changed the business bank accounts. They had even managed to set up a false bank account in Alltorque Diesel’s name, making them seem legitimate.
Haydn noticed that something was wrong when the customer missed a payment, something that seemed off, as the customer regularly paid on time. When he rang to enquire, the customer explained about the bank account change.
After reports to the cyber fraud squad, and multiple bank claims later, Haydn has had to wear half of the cost of the transaction. He is transitioning away from the old email address, even though it is a Microsoft account and he thought it would be secure.
Ransomware also remains one of the most disruptive threats to businesses, with an increase of over 15% over the last 12 months. Peter from BP Tanawha in Queensland discovered just how disruptive ransomware can be.
Around two years ago, cyber criminals were able to shut down Peter’s petrol station by getting access to his systems through TeamViewer or email. The criminals held two points of sale, back office and petrol pumps hostage through the use of ransomware .
What started as demands for $2,800 soon grew to over $48,000. After receiving support to clear his system on a Friday, Peter thought he was clear, before he arrived to work on Monday and the same smiley face and countdown appeared demanding money again.
As all of his IT systems were integrated, Peter has had to replace all of his hardware and software, as well as wear the cost of the interruption to his business. He was surprised cyber criminals would be interested in hacking a business like his. He says he has always been careful when accessing emails and files on the internet, and he checks in regularly with his software partners for updates to security protocols. Nonetheless it really can happen to anyone, and Peter has spoken to a few local businesses who have had similar attacks on their IT infrastructure.
If you don’t have IT security in place, we highly recommend you speak to a specialist as soon as possible to set up your first line of defence. You may as well make it as hard as possible for criminals to get into your system.
The other step we encourage every Member to take is purchasing cyber insurance. If you do fall victim to a cyberattack it is important to act fast, and having cyber insurance allows you to do just that. Depending on your policy, cyber insurance may cover: • Loss of revenue from interrupted business • Hiring negotiators and paying a ransom • Recovering and replacing records or data • Liability and third-party loss • Defence of legal claims • Preventing further attacks.
Having cyber insurance gives you access to IT specialists who can access your IT system, stop any further damage, and attempt to undo the damage done by the criminals.
The policies are relatively inexpensive, and although they won’t prevent an attack from happening, they can make all the difference in keeping the costs involved in the cleanup under control. It may be a worthwhile investment for your business.
