A cyber attack on a company or individual may be a digital assault intended to disable computer networks through the use of malware, viruses and social engineering.

Cyber-attacks may be used to steal or destroy data or access valuable and sensitive information. And the criminals behind the assaults are getting more sophisticated and tougher to defend against.

Research by Accenture in 2021 indicates that 43% of US cyber attacks are aimed at small businesses. It’s therefore crucial for every firm to be aware of the heightened threat and take steps to help minimise the chances of their network being breached as such attacks can have very serious consequences.

Aon has highlighted five of the most important impacts:

• Financial loss through theft.
• Reputational damage.
• Destruction of business records or customer information.
• Exodus of customers and revenue.
• Loss of intellectual property.

Active and passive assaults

Most cyber attacks fall into two categories. Active attacks aim to disrupt or alter a computer system, while passive attacks quietly collect data and often go undetected for long periods of time. Four commonly used methods are:

Denial-of-service (DoS): This happens when a server or network is so overwhelmed with connection requests it’s unable to cope and either slows down or crashes.

Malware: Malicious software can collect and transmit data, sabotage the system and even actively install harmful software, including spyware and viruses. It’s usually introduced when someone clicks on a dangerous link or downloads an email attachment.

Person-in-the-middle (PitM): Also known as ‘eavesdropping attacks’ these involve a cybercriminal intercepting information sent between the user and web service, often harvesting passwords, usernames, payments and personal details. Unsecured websites and compromised Wi-Fi networks are often to blame.

Phishing: A frequently used tactic involving sending emails from false accounts requesting log in credentials or personal information, and often including a link that downloads malware.

How to help protect your company

A range of safety precautions and security packages exist that may significantly reduce the chances of a data breach, however companies should seek advice from an IT specialist who can tailor solutions to particular needs and discuss antivirus software, firewalls and spam filters that may lower the chances of a member of staff accidentally opening a dangerous email.

Another factor is data backup and system access permissions which should also be updated regularly, especially when an employee leaves the business.

Find out more:

Visit aon.com.au for details of Aon’s suite of risk management services and how it can help protect your business from cyber attacks.

Aon has been appointed CA ANZ’s preferred PI member benefits partner for practitioners. As SME specialists for all the typical insurance needs of chartered accountants, Aon delivers industry-specialised advice and service. Visit aon.com.au/ca for details.

_{© 2023 Aon Risk Services Australia Limited ABN 17 000 434 720 AFSL 241141 (Aon) The information contained in this communication is general in nature and should not be relied on as advice (personal or otherwise) because your personal needs, objectives and financial situation have not been considered. Before deciding whether a particular product is right for you, consider your personal circumstances, as well as the relevant Product Disclosure Statement (if applicable), Target Market Determination and full policy terms and conditions available from Aon on request. All representations in this communication in relation to insurance products Aon arranges are subject to full terms and conditions of the relevant policy. Contact Aon if you have any queries.}