Cybercriminals Preying On Small Businesses

People on computer

As a small-business owner in Australia, you wouldn’t think you’d be the target of ruthless criminal syndicates based on the other side of the world. But you’d be wrong.

Cyber attacks are surging worldwide, and over 40 per cent of them are aimed at small businesses. This is because with their limited finances and technical skills, small businesses make much easier targets than large companies with big budgets and their own IT departments.

Multiple threats

Cybersecurity is not just an IT problem; it can potentially impact the entire business. Data theft can see your bank account drained or confidential data misused. Data loss, such as through ransomware, can be even more devastating. Ransomware attacks may be launched from eastern Europe, Asia or anywhere in the world, and currently cost Australians over $1 billion a year.

Cyber attacks on your business can also result in the theft of the private information of others, such as customers, employees or business partners. This can lead to civil claims against you, as well as fines and penalties under the Privacy Act. Your staff will be the strongest line of defence in your campaign to protect sensitive business and customer data from privacy breaches and malicious activity.

Protect yourself

Some basic steps you can take to protect your business against cyber attacks include:

  • Be alert and aware of the latest internet threats, which are constantly changing. By subscribing to the Federal Government’s free Stay Smart Online Alert Service (, you will receive regular updates on new cyber risks.
  • Never use pirated software, and always keep your operating system up to date with the latest patches. This greatly reduces the number of potential entry points into your computer that are available to an attacker.
  • Invest in good-quality antivirus software.
  • Train your staff to be especially careful with incoming emails. Many cyber attacks on small businesses begin with an email pretending to be from a legitimate source such a bank or an energy provider. The scammer may ask you to provide personal details or click on a link, giving them access to your systems and data.
  • Limit users’ permissions to install new software on your business computers.
  • Use good password policies, for example by ensuring they are strong and are regularly changed. Many cyber attacks make use of weak or stolen passwords.
  • Have a good data backup system. This guards against cyber attacks as well as hardware failure or human error. Offsite data backups can also help protect against catastrophic events such as a fire.

Cyber insurance

Standard insurance policies generally don’t include cover for cyber attacks, so specialised cyber insurance is becoming a must-have for any business connected to the internet. Cyber Liability Insurance forms of cover are designed to help businesses mitigate what could be significant costs associated with recovering following a cyber-related attack or security breach. While it won’t prevent an attack from happening, it can make all the difference in keeping the costs involved in the clean-up under control. Capricorn Insurance Services offers basic cyber cover, with the option of more comprehensive solutions if required.

Talk to your Capricorn Risk Services Account Manager about about how this form of cover can help protect your business from cybercriminals.

This article does not, nor is it intended to, constitute legal, financial or other independent professional advice. Please consult your professional adviser before relying on any information contained herein.

AU: Products sold through Capricorn Risk Services Pty Ltd (ABN 93 111 632 789) are: (i) discretionary risk protection products issued by Capricorn Mutual Ltd; and (ii) general insurance products issued by a range of insurers and brokered through Capricorn Insurance Services Pty Ltd. Before deciding to acquire any product you should consider the Product Disclosure Statement available from Capricorn Risk Services Pty Ltd to see if the product is appropriate for you. Capricorn Risk Services Pty Ltd is a Corporate Authorised Representative (No. 460893) of Capricorn Mutual Ltd (AFSL 230038) and Capricorn Insurance Services Pty Ltd (AFSL 435197).

NZ: Products sold through Capricorn Risk Services Pty Ltd (NZBN 9429041139813) include discretionary risk protection and general insurance products. Discretionary risk protection is issued out of Australia by Capricorn Mutual Ltd. Before deciding to acquire discretionary risk protection you should consider the Product Disclosure Statement to see if it is appropriate for you. This can be obtained from Capricorn Risk Services Pty Ltd by phoning 0800 555 303 via email or by visiting website General insurance products are issued by a range of insurers and are available through Capricorn Risk Services Pty Ltd as a member broker of PSC Connect NZ Limited. Capricorn Risk Services Pty Ltd is a registered financial services provider (390446) and a corporate Authorised Representative (No. 460893) of Capricorn Mutual Ltd (AFSL 230038).

This article was published 01/06/2022 and the content is current as at the date of publication.