Australian internet users were also affected by the cyber-attack with The Sydney Morning Herald reporting on 22 October that: “Popular Australian media, banking, insurance, retail and hotel websites experienced outages and interruptions following cyberattacks in the US overnight”.
Among the Australian websites that experienced disruptions were banking sites ANZ, BankWest, NAB and Westpac and media sites such as The Daily Telegraph, and The Sydney Morning Herald. Retail giants Coles and Woolworths were also affected.
Wake up call
Commenting on the cyber-attack, Dynatrance data expert, Dave Anderson, said:
“While not as severe as the US, Australian sites were definitely experiencing performance problems as a result of the DDoS attacks overnight.”
“While it’s a bit unlucky for these Australian sites to have been hit, it’s a wake-up call for everyone with an online presence. You’re on 24 hours a day and these performance issues will be part of the daily digital life ongoing.”
Similarly, cyber risk expert, Fergus Brooks, from risk management company, Aon Australia, said that every business should look at how they could be impacted.
“This is an attack on the infrastructure of the internet itself as opposed to attacking specific companies.”
Cyber threats on the rise
In its 2016 Threat Report, the Australian Cyber Security Centre (ACSC) revealed that between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses.
Of those, 418 involved systems of national interest and critical infrastructure.
And in Europe, a recent survey by Lloyds of London found 92% of European respondents said their company had suffered a data breach in the past 5 years, while 3% said they had “come close”.
Only 5% said they had not suffered a breach or were unaware that they had.
Australian businesses acknowledge the risk
Most businesses today, whether large or small, rely on digital technology for day-to-day operations, for interacting with suppliers and customers and for storing important records such as customer information.
And while many Australian small businesses have been slow to insure against the risk of cyber-attack, this is now beginning to change.
According to a survey by technology company, Symantec, nearly 20% of Australian small businesses plan to take out cyber insurance in the next year. Only 14% of small businesses are covered now.
Symantec’s Cyber Security Survey also revealed that 19% of small businesses experienced a cyber-attack this year and that 20% of businesses with cyber insurance have made a claim.
How cyber insurance can protect your business
Cyber insurance can provide protection against cyber-attacks and other related incidents that can impact your business.
Depending on the insurer and level of protection required, cyber insurance can cover your business for:
- Privacy breaches – protection against third party claims for loss of personal information, corporate information, employee information, personal information held by service providers. Also defence costs.
- System damage – cover for lost, damaged or destroyed IT systems, IT records/data, retrieval, repair, restoring or replacing data systems or hardware, external IT, forensic or security consultant costs.
- Business interruption – loss of profits due to a cyber event.
- Computer virus & hacking – liability arising from hacker attack or virus, loss or theft of data or data for which you are responsible, attacks by employees or third parties, loss by phishing or denial of service attacks.
- Computer crime – cover for crime losses including loss of money or property, loss of money or property from service providers’ systems, loss caused by rogue employee or a third party.
- Breach of statutory duties – from ecommerce business, defence costs and compensation.
- Extortion – covers payment of ransom, costs of negotiating, mediating due to extortion attempt and crisis management costs to resolve a security threat.
- Brand & personal protection – public relations costs to protect your business brand or reputation of senior executives.
- Privacy fines & investigations – includes fines and penalties incurred due to a privacy breach. Cover for defence and investigation costs.
- Privacy breach notification and loss mitigation – covers breach costs including credit monitoring, identity theft monitoring, data restoration and forensic costs. Includes your legal costs, access to call centre support services. Covers actual or suspected privacy breaches.