Another day, another cyber-attack making headlines! It’s not just you, it’s the reality of the global digital environment – and it’s only getting worse. We hate being the bearers of bad news, but the incidents reported in the news aren’t anything compared to the millions that fly below the radar. In 2023, the global cost of cyberattacks is expected to soar to US$8 trillion and US$10.5 trillion by 2025. And for small businesses in Australia, the cost of a cyber incident is over $270,000 with more than 200 hoursfor recovery. It’s pretty grim stuff – but why is it happening?

#1 – Geo-political turmoil 

It may be happening on the other side of the planet, but as the Disney song says, it’s a small, small world. Global politics, and we’re talking about the bad stuff here, gives malicious organisations more opportunities to strike. Much of it is state-funded, as with Russia’s REvil, which claimed over US$100 million in revenue from their attacks, which included around 18,000 attacks in the USA alone – most notably the Colonial Pipeline event. In Australia, we saw a similar spike in state-funded cyber-attacks from groups based in Iran, China, and Russia targeting government utilities and private companies.

#2 – Economic climate 

Key sectors globally and in Australia are sitting with empty seats that need filling, and the lack of talent is especially high when it comes to cybersecurity and related IT hires. But that’s not all! If you’ve gotten out of bed since 2020, you’ll know that there’s a global recession stomping around causing higher inflation and energy crises as well as throwing the world’s supply chains into chaos. Cybersecurity teams, which have always been stretched incredibly thin, are under huge pressure and risk of burnout as well as hiring freezes – all while malicious threat actors are pulling in piles of cash and crypto.

#3 – Malware-as-a-Service 

Just like you can pop onto the web and buy your groceries, a new office chair, or even take a gym session, you can now add some malware to your checkout basket! Scary stuff, but it’s a fact we need to be aware of and address – anyone, anywhere can buy ransomware or any other type of malware and launch an attack on whoever they like. All for about the same price as a takeaway coffee. Of course, the cheap stuff isn’t likely to be too effective – but where there’s cheap stuff there’s sophisticated, expensive stuff too. With a little bit of budgeting anyone from an unhappy employee to a teen with too little to do can take down a company.

#5 – A focus on small targets 

Oh, so you thought these Lamborghini-driving hacker groups were only interested in the big dogs? Not so! Big companies and governments grab headlines and offer hackers the most valuable impact for their efforts, but they also have the strongest cybersecurity protection and get the cops after you. As a result, there’s actually a much higher risk of an attack facing SMBs as staff are likely to have minimal or no cybersecurity training, where networks aren’t well-protected, and where you don’t have to contend with a cyber-version of John Wick coming to lay down the law. This lower-risk, less flashy thinking from hackers meant that between 2020-21, attacks on small businesses surged by 150%. 

#6 – Misalignment between cybersecurity and business strategy 

No one likes to think about someone messing around in their business, yet many companies – large and small – are burying their heads in the sand when it comes to investing in cybersecurity. In fact, reports say that by 2023, businesses with cybersecurity issues are set to double. Cybersecurity isn’t seen as something that drives the value chain of the business or helps you get your business where you want it to be. On top of that, cyber insurance is getting more complex with the likelihood that insurers will change underwriting requirements and include more requirements for businesses to have security maturity, making it much pricier – putting decision-makers off even further.

So, what’s the good news? 

You’re likely feeling a little depressed after reading that – and more than a little concerned. But there is a silver lining called Otto here to lift your spirits and, more importantly, protect your business.

At Otto, we specialise in small business IT solutions – no overpriced flashy stuff or things you won’t ever use, just robust layered security that keeps you on track for hitting your business goals. From active security monitoring and data protection to data backup and recovery, we do it all. We’ll even train your staff! Let’s chat.