What is Cyber Risk?

Cyber risk is the likelihood of suffering negative disruptions to sensitive date, finances or business online operations.  Cyber risk is associated with events that could result in a data breach and or financial loss.

According to the ASD Cyber Threat Report 2022-2023 nearly 94,000 cyber crimes were reported with a report on average every 6 minutes.  The average cost of cyber crime associated with this was $46,000 for small business, $97,200 for medium business and $71,600 for a large business.

 The Top 3 cyber crimes for Business were

• Email compromise

• Business email compromise (BEC) fraud

• Online banking fraud

Cyber Threats

The threat landscape is constantly changing, this is a non exhaustive list of the most common threats to individuals and small businesses.

Scam Messages and Phishing Attacks

Scam messages may come through email, text messages, phone calls or social media and their purpose is to trick someone into sending money or gift cards or clicking on malicious links or giving away sensitive information such as passwords or credit card details.

Phishing attacks usually have a link to a fake website that is used to compromise passwords in order to take over social media accounts and then hold the owner to ransom.

Business Email Compromise

Business Email Compromise, or BEC, is the use of email to trick people into paying invoices that may be from a legitimate supplier into a scammer’s bank account.  They may have taken over another user’s email, or they might use a domain that looks very similar.

Usually these attacks will have an urgent request for payment or advise the customer (you) that the company’s bank account details have changed to a new number.

There are simple practices you can implement to prevent this from happening, check out this article for more info on protecting your business from BEC.

 Malware

Malware, a blanket term for Malicious Software, is software such as ransomware, viruses, spyware and trojans, designed to cause harm.

You can be infected by malware unknowingly through visiting websites that have been infected, downloading infected files from the internet or opening infected email attachments.

Malware can steal or lock the files on your device, steal your bank account details, credit card numbers and take control of and spy on your computer.

Ransomware

Ransomware is a type of malware that encrypts your files with the attacker demanding a ransom for the files to be unlocked.  In the worst case scenario a business can lose ALL of its data.

The Australian Cyber Security Centre (ACSC) has helpful information on how to recognise and deal with a ransomware attack.

Staying Safe

Check out the ACSC Small business cyber security guide for more information about staying safe from threats.

 Also check out our article on creating a cyber risk management plan for your business.