Small businesses urged to bolster cyber-security measures
Small-business clients have been urged to enhance their cyber-security protocols and resilience as the recent conflict in Ukraine has increased the risks of cyber attacks for Australian organisations, according to CPA Australia.
CPA Australia senior manager of business policy Gavan Ord said the Australian Cyber Security Centre (ACSC) is warning that as a result of the conflict in Ukraine, the risk of cyber attacks on Australia-based businesses has increased.
“All Australian businesses should urgently adopt an enhanced cyber security position,” Mr Ord said.
“We are not aware of any specific cyber threats or incidents involving Australia, however, we have been advised that businesses overseas have been impacted.”
Mr Ord warned that Australian small businesses have low levels of cyber resilience and preparedness generally.
“This is an urgent wake-up call to them. They must take urgent action or wear the consequences,” he commented.
“While Australia is a long distance from the conflict, we are only a keyboard click away from malicious cyber actors. Cyber criminals can cause millions of dollars in damage and the loss of sensitive client and financial data.
“We’re encouraging businesses to seek advice from their accountant on improving cyber resilience in a heightened threat environment.
“Practitioners should use their client communication channels to advise their business clients of this risk.”
The ACSC said there had been a historical pattern of cyber attacks against Ukraine that have had international consequences that can inadvertently hit Australian businesses. Malicious cyber activity could impact Australian organisations through unintended disruption or uncontained malicious cyber activities.
“The ACSC is aware of reporting that threat actors have deployed destructive malware to target organisations in Ukraine. This advisory provides additional indicators of compromise (IOCs) to assist organisations to detect WhisperGate and HermeticWiper destructive malware,” the ACSC said.
“Destructive malware can present a direct threat to an organisation’s daily operations, impacting the availability of critical assets and data.
“Organisations should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required.
“Organisations should also assess their preparedness to respond to any cyber security incidents, and should review incident response and business continuity plans.”
The ACSC has published Cyber Incident Response Plan – Guidance & Template to assist organisations in producing an incident response plan.
Tony Zhang
Tony Zhang is a journalist at Accountants Daily, which is the leading source of news, strategy and educational content for professionals working in the accounting sector.
Since joining the Momentum Media team in 2020, Tony has written for a range of its publications including Lawyers Weekly, Adviser Innovation, ifa and SMSF Adviser. He has been full-time on Accountants Daily since September 2021.