In 2017, the cyber community was rocked by the WannaCry ransomware attacks, which struck business and organisations across the globe. Then not even a month later, a Petya ransomware variant named Nyetya joined its ranks as one of the worst cyber-attacks in history. The attackers were able to exploit unpatched Microsoft vulnerabilities and demand a ransom of $300 in Bitcoin, promising the restoration of data if the user paid up.
Now almost two years post the infamous Nyetya and WannaCry attacks the cost of cybercrime is still on the rise. The Ninth Annual Cost of Cybercrime Study was released at the start of the month, revealing how improved cybersecurity protection is becoming more and more vital for business to implement.
Cybercrime by the numbers
Accenture reports that globally there has been an 11% increase in malicious security breaches in the last year, and a 67% increase in the last five years with banking, utility and software organisations being hit the hardest. In 2018, the average cost of cybercrime hit US$13 million (AUD$18.3 million), a rise of 12 percent from the previous year.
In Australia, the average annual cost jumped from AUD$7.61 million in 2017 to AUD$9.56 million last year – an increase of 26%. The report highlighted malware as the most frequent attack overall, and usually the most expensive to resolve.
Cyberattacks are evolving
Trends in cyberthreats are continually changing. The report identifies these rapid changes are due to evolving targets, impacts and techniques which sees cybercriminals constantly adapting their attack methods to exploit any weakness in security.
Information theft was noted as the most expensive and fastest rising consequence of cybercrime. Human error was placed as the weakest link in business cybersecurity measures, which only reinforces the importance of employees being trained to recognise phishing attacks.
Perform backups and update outdated security patches
The only way businesses can be protected is by performing backups and staying on top of patch updates.
In the case of the 2017 Nyetya attacks, there was no chance of data recovery. In such a scenario, you would have only your backup files – whether on an external storage or in the cloud – to fall back on. But backing up is not enough; you should also ensure that your backups are working, which you can do by testing them regularly. Given the nature of evolving malware attackers, you should also make sure that your backups are stored off-site and disconnected from your network.
Vulnerabilities exploited by unpatched Microsoft-run computers are an easy target; but an easier fix. As a business owner, make it a part of your cyber security routine to update your systems with the latest security patches, or risk having your files or systems permanently corrupted.
As a business owner whose operation’s lifeline depends on critical files, your backups are your insurance. If your system’s network security needs another layer of protection, get in touch with us today.