We've been hacked!! Why SMEs are key
Knowledge is power.
Data = knowledge.
Whoever holds the data, holds the power.
It’s this fact that ensures cybersecurity remains at the forefront of risk management, as ill-prepared companies continue to fall victim.
Don’t believe me? Here’s a summation of some of the largest data breaches in the past decade.
- Yahoo.com: The media giant was hacked in September 2016. 500 million records affected
- Friend Finder Network: Usernames, email addresses and passwords stolen. 412 million records affected
- Marriott Hotels: In November 2018 customer data (including credit card and passport info) was stolen. 383 million records affected.
- China: The resumes of Chinese nationals were leaked. Info included names, mobile phone numbers, emails, marriage status and political alignment among details released. 202 million records affected
- LinkedIn: In May 2016, 117 million passwords were stolen from the popular social media networking platform
Hackers are now turning their attention to bigger rewards as they seek out prized government targets. These attacks are becoming more prevalent and growing in sophistication, as leading countries lag behind.
In December 2018, Chinese intelligence services pulled off an extraordinary attack on the world’s leading software groups including Hewlett Packard, SAP and IBM.
The successful assault exposed extensive records from third party clients of the above, which included thousands of Australian companies and government agencies. The fallout from the attack is still unknown to this day.
Alastair MacGibbion, who is the head of the government’s Australian Cyber Security Centre, spoke on the attack in December.
“It’s the biggest and most audacious campaign I’ve seen,” he said. “This is massive in its scope and scale. It’s breathtaking.”
Just two months later, Australia was hit again.
On February 9, the Parliamentary Network (which is used by every MP in the nation) was compromised.
Thankfully, the fallout from the breach appears minimal at this point in time, “There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation,” a government statement read.
But if the Government cannot keep its data safe, then what hope in hell does anyone else have?
The answer may surprise you.
A huge wake up call – will it be answered?
Opposition Leader Bill Shorten described the February 9 breach as, “A huge wake up call,” for small and medium businesses (SMEs), which are targets in almost half of all cyberattacks.
Small and medium sized businesses have been slow to take up the fight because they assume hackers have little interest in their organisations. Why would they care about us? What data do we have that they care about?
Unfortunately they are gravely mistaken.
Because SMEs present opportune entry points for hackers into larger, data rich networks (such as governments, corporations and banks), their importance in the first line of defence against hackers cannot be understated.
In fact, there’s a good chance a third party government contractor was leveraged to gain access to the Parliamentary Network earlier this month.
Furthermore, the financial ramifications should be encouragement enough for SMEs to change their cybersecurity habits. According to the United States National Security Alliance, 60% of small businesses in America that are hit by a cyberattack spend US$690k or more shoring up their network after the fact.
Thankfully, as awareness around cybersecurity improves, so do the solutions.
Emerging companies like WhiteHawk (ASX:WHK) have identified the important role SMEs have to play in combating cyberwarfare. As a result, it has created the world’s first dedicated online cybersecurity exchange, which provides companies with the ideal platform to safeguard their digital future.
The SaaS solutions provider also works with SMEs step by step to evaluate their digital footprint and cybersecurity risk.
If SMEs can work towards solidifying their cyberattack readiness, we'll be one step closer to a more secure digital world.