Working from home makes NZ businesses sitting ducks
By: Unify Solutions
While large companies are generally the target of cyber criminals, Wellington-based cyber security professional Samrat Choudhury warns that now anyone is fair game.
"Lockdowns are hunting season for cyber criminals," said Mr Choudhury, chief operating officer for UNIFY Solutions.
"Microsoft has reported eight trillion attacks across its systems every day.
"Although large companies are frequently targeted, what we have noticed in previous lockdowns in New Zealand and Australia is that cyber criminals have begun to heavily target small and medium sized businesses."
Mr Choudhury said businesses of 500 to 1000 employees and medium-sized charities that do not have sufficient security in place were in the sights of cyber criminals.
"Medium and small business don't think it will happen to them, yet statistically we know that's not true," he said.
"In fact, 66 per cent of small to medium business worldwide have experienced a cyberattack of some kind in the past year."
The average cost of a data breach to a company US$2.82 million (NZ$4.1m), according to the IBM-Ponemon Institute's Cost of a Data Breach 2021 report, an increase of more than 30 per cent on the previous year. Companies take an average of 10 months to detect and contain data breaches. For example, the data breach experienced by the Reserve Bank of New Zealand earlier this year was estimated to be around NZ$3.5 million, not including the cost of improving processes as a result of the breach.
Mr Choudhury said cyber criminals stalk an organisation looking for weaknesses.
"They will try to find easy entries by stealing an employee's identity, testing for less sophisticated systems, look for businesses without an IT team or one that is potentially distracted with trying to help keep their remote workforce online.
"They will spend days testing cyber walls looking for a way in. The worst of it is, most times an employee will unwittingly hand the robber the key to the safe.
"It is frustrating for our team to see breaches that could have been easily prevented by simply better management of employee passwords and information."
According to a recent State of Cybersecurity Report by American independent researcher Ponemon Institute, small to medium businesses worldwide have reported 68 per cent of employee passwords were lost or stolen during the past year.
The most common attacks were through phishing emails, social engineering, compromising or stealing devices and credential theft.
Email Sequel PR for further comment or to interview talent.