We've been hacked!! Why SMEs are key

By Justin Ware. Published at Feb 15, 2019, in Ctrl Alt Del

Knowledge is power.

Data = knowledge.

Whoever holds the data, holds the power.

It’s this fact that ensures cybersecurity remains at the forefront of risk management, as ill-prepared companies continue to fall victim.

Don’t believe me? Here’s a summation of some of the largest data breaches in the past decade.

  1. Yahoo.com: The media giant was hacked in September 2016. 500 million records affected
  2. Friend Finder Network: Usernames, email addresses and passwords stolen. 412 million records affected
  3. Marriott Hotels: In November 2018 customer data (including credit card and passport info) was stolen. 383 million records affected.
  4. China: The resumes of Chinese nationals were leaked. Info included names, mobile phone numbers, emails, marriage status and political alignment among details released. 202 million records affected
  5. LinkedIn: In May 2016, 117 million passwords were stolen from the popular social media networking platform

Hackers are now turning their attention to bigger rewards as they seek out prized government targets. These attacks are becoming more prevalent and growing in sophistication, as leading countries lag behind.

In December 2018, Chinese intelligence services pulled off an extraordinary attack on the world’s leading software groups including Hewlett Packard, SAP and IBM.

The successful assault exposed extensive records from third party clients of the above, which included thousands of Australian companies and government agencies. The fallout from the attack is still unknown to this day.

Alastair MacGibbion, who is the head of the government’s Australian Cyber Security Centre, spoke on the attack in December.

“It’s the biggest and most audacious campaign I’ve seen,” he said. “This is massive in its scope and scale. It’s breathtaking.”

Just two months later, Australia was hit again.

On February 9, the Parliamentary Network (which is used by every MP in the nation) was compromised.

Thankfully, the fallout from the breach appears minimal at this point in time, “There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation,” a government statement read.

But if the Government cannot keep its data safe, then what hope in hell does anyone else have?

The answer may surprise you.

A huge wake up call – will it be answered?

Opposition Leader Bill Shorten described the February 9 breach as, “A huge wake up call,” for small and medium businesses (SMEs), which are targets in almost half of all cyberattacks.

Small and medium sized businesses have been slow to take up the fight because they assume hackers have little interest in their organisations. Why would they care about us? What data do we have that they care about?

Unfortunately they are gravely mistaken.

Because SMEs present opportune entry points for hackers into larger, data rich networks (such as governments, corporations and banks), their importance in the first line of defence against hackers cannot be understated.

In fact, there’s a good chance a third party government contractor was leveraged to gain access to the Parliamentary Network earlier this month.

Furthermore, the financial ramifications should be encouragement enough for SMEs to change their cybersecurity habits. According to the United States National Security Alliance, 60% of small businesses in America that are hit by a cyberattack spend US$690k or more shoring up their network after the fact.

Ouch.

Thankfully, as awareness around cybersecurity improves, so do the solutions.

Emerging companies like WhiteHawk (ASX:WHK) have identified the important role SMEs have to play in combating cyberwarfare. As a result, it has created the world’s first dedicated online cybersecurity exchange, which provides companies with the ideal platform to safeguard their digital future.

The SaaS solutions provider also works with SMEs step by step to evaluate their digital footprint and cybersecurity risk.

If SMEs can work towards solidifying their cyberattack readiness, we'll be one step closer to a more secure digital world.

S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.

Conflict of Interest Notice

S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.

Publishers Notice

The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.

Thanks for subscribing!

X