You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
accountants daily logo

Cyber war right on SME doorstep

Business

Small businesses should take steps to guard against Russian malware, a specialist says.

By Philip King 11 minute read

The war in Ukraine is spilling over into cyber threats to Australian small businesses and they should be urgently reviewing security, said an HLB Mann Judd specialist.

Risk and assurance director Kapil Kukreja said some businesses mistakenly believed they were too small to be a target – but the threats were real.

“Hackers are becoming increasingly sophisticated in how they target and attack and it’s no longer a case of if a business should come under attack, but when,” he said.

He said Russia was infamous for its criminal hackers, some of which were state sponsored, and Australia’s stance on the war in Ukraine meant businesses here could become collateral damage.

“Australian companies are a part of global supply chains. Some will have either direct or indirect links with Russia and/or Ukraine,” he said. 

“NotPetya, the cyber-attack by Russian military hackers is considered to be the costliest cyber-attack in history. The destructive software was hidden in an update of popular accounting software used in Ukraine, but spread worldwide destroying the computer systems of thousands of companies and causing approximately $10 billion of damage.

==
==

“Similarly, the Wiper malware, which is currently prevalent in Ukraine, launched by Russia, can potentially spread in several countries within minutes, including Australia.”

The Australian Cyber Security Centre has issued an advisory urgently encouraging local organisations to boost their cyber security in light of rising international tensions with Russia.

Mr Kukreja – who advises the SME market and government departments – said small businesses especially should assess their preparedness for a cyber-security incident, and review their response and business continuity plans. 

“For SME businesses the impact of cyber fraud may be more profound, as the security of larger sized organisations is that much more robust,” Mr Kukreja said.

He cited a case in which a finance team member at one SME was sent an email, ostensibly from a vendor, asking them to record new bank details. The finance member duly updated the vendor record. When a $1.7 million payment was made to that vendor, it went into the hacker’s bank account.

The breach was identified when the vendor asked why they had not received payment and processes to update records were subsequently changed.

“Cyber security is a domain which is changing at a rapid pace, with cyber criminals devising new and sophisticated methods to circumvent the security controls,” Mr Kukreja said.

“Organisations that have realised cyber risk is real and can have a detrimental effect on their reputation and operations are already further ahead than many others.”

Philip King

Philip King

AUTHOR

Philip King is editor of Accountants Daily and SMSF Adviser, the leading sources of news, insight, and educational content for professionals in the accounting and SMSF sectors.

Philip joined the titles in March 2022 and brings extensive experience from a variety of roles at The Australian national broadsheet daily, most recently as motoring editor. His background also takes in spells on diverse consumer and trade magazines.

You can email Philip on: This email address is being protected from spambots. You need JavaScript enabled to view it.

You are not authorised to post comments.

Comments will undergo moderation before they get published.

accountants daily logo Newsletter

Receive breaking news directly to your inbox each day.

SUBSCRIBE NOW