Small businesses going ‘bust’ after cyber attacks

Professor Ryan Ko and Bruce Irwin at the QFI cybersecurity forum today - Newsreel
Professor Ryan Ko from The University of Queensland and Bruce Irwin from Business Aspect at the Queensland Futures Institute cybersecurity forum today. | Photo: Supplied by QFI

Small and medium businesses have been warned that their viability is at risk if they experience a serious cybersecurity attack.

The Chair and Director of The University of Queensland Cyber Research Centre, Professor Ryan Ko, said about 60 percent of these businesses went “bust” after a serious data attack or scam.

He told this morning’s Queensland Futures Institute Leading Cyber Security forum that the volume of scams was increasing exponentially.

The targets were typically individuals without access to rigorous cybersecurity measures.

“It (the increase in scam volumes) shows that the criminals are organised and opportunistic,” Professor Ko said.

“If you are a criminal organisation trying to make money would you go for a state with a defence force or go for normal person on the streets? They go where the low hanging fruit Is.”

Professor Ko said organisations typically looked internally in their risk management for cybersecurity, but they should also be looking at external supply chains.

He said some of the scam organisations had become so well organised and sophisticated that their logos appeared as sponsors of sporting events in some parts of the world.

Business Aspect Principal Consultant Bruce Irwin told the forum that organisations needed to measure the right things to encourage a positive cybersecurity culture.

He said, while companies typically looked at how many people clicked on a phishing link, they often did not do enough to reward the first person who reported an email as suspicious.

Cybersecurity would be a part of every organisation’s world for the foreseeable future in a world in which we could “spill data at the speed of light”.

Sime Darby Industrial Australasia Head of Cyber Security Ivar Van Den Berge said, while there needed to be ongoing training and awareness to stop “happy clickers” from activating phishing scams, the scams were becoming harder to spot.

Criminals were using AI to specifically tailor messages to look authentic. He said, as well as encouraging good human practice, companies increasingly needed to “fight AI with AI”.

Panelists at the Queensland Futures Institute cyber security forum - Newsreel
Speakers at the Queensland Futures Institute Leading Cyber Security Forum (from left) Moderator Cat Matson, Ivar Van Den Berge from Sime Darby Industrial Australasia, Professor Ryan Ko from The University of Queensland, Bruce Irwin from Business Aspect and Karla Day from Qbank. | Photo: Newsreel