Small businesses face increase in cyber attacks during COVID-19

Since March 2020, the Australian Cyber Security Centre (ACSC) has received over 115 cybercrime and cyber security incident reports from individuals and businesses, and Scamwatch has received over 1,100 reports about COVID-19 scams

The ACSC has warned that malicious cyber attacks have dramatically increased during the COVID-19 health crisis, impacting businesses nationwide. Abigail Bradshaw, Head of the ACSC, revealed that since the start of the pandemic there has been a substantial increase in malicious cyber activity across Australia, with cybercriminals actively targeting Australian organisations with COVID-19 related scams.

What are the latest cyber security risks facing businesses?

The ACSC has received an increased number of reports of cybercriminals targeting people working from home. In some cases, attackers pretend to be a representative of a worker’s IT team, telecommunications company or bank, requesting remote access in order to ‘fix an issue’. Once given access, the scammers are easily able to access the business’ intellectual property.

There are also many email phishing scams that appear to be from the Australian Government, with one of the latest cyber attacks inviting people to support a ‘Coronavirus Relief Fund’.

What does this mean for small business?

Whether your staff are logging in remotely or working in the office, it’s important to make sure they are educated about the latest cyber threats in order to be vigilant against falling prey to a scam. The key threats to be aware of are phishing emails, malicious websites, and newer COVID-19 themed scams.

How can you protect your company online in a WFH environment?

Some simple strategies that businesses should consider to bolster their online security and help prevent cyber-attacks include:

  1. Make sure your staff are using company-supplied hardware.  
  2. Keep your anti-virus software up to date to prevent malware that deletes, corrupts or steals information.
  3. Back up and restore your data on the cloud or external hard drives so you can recover if your computers are wiped.
  4. Use firewalls and ensure that if staff are working from home, passwords on Wi-Fi routers are changed.
  5. Secure your Internet of Things (IoT) devices, such as smart devices and vehicle navigation systems.
  6. Use a password manager that can generate and store strong passwords that are much harder to crack.

What can your employees do to protect themselves against COVID-19 scams?

The most common COVID-19 attacks involve the fraudulent emails that have been produced to look as though they come from a legitimate source. To protect your business against such emails, the ACSC recommends the following 6 steps:

  1. Before you open an email, think about the sender and if you are expecting to receive an email from them. Consider what they ask you to do in the email, and if it makes sense. In doubt, give them a call using contact details from a verified website or your existing contact list.
  2. If you receive an unsolicited email, don’t open any attachments or click on links.
  3. Don’t provide personal information over email and never provide remote access to your computer.
  4. Keep in mind that reputable organisations will never email to verify or access your personal information, including banks, government departments, Amazon, PayPal, Google, Apple and Facebook.
  5. Use email providers that offer spam and message scanning like Microsoft Outlook.
  6. Use two-factor authentication (2FA) for your banking, email and social media accounts.

Call in the experts to help defend against cyber attacks

At Telstra Business Technology Centre Melbourne South, we can run a cyber security audit to identify areas that can be improved, and advise you on a solution that is completely tailored to your business. We’re here to help. Call us on 1300 669 103 or email enquiry@tbtcmelbsouth.com.au to strengthen your business’ online presence today.