IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

Trojan cyber attacks hitting SMBs harder than ever - Kaspersky

By Catherine Knowles
Mon 23 May 2022

When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and unnecessary. However, this disregard for IT security is being exploited by cybercriminals.

Kaspersky researchers assessed the dynamics of attacks on small and medium-sized businesses between January and April 2022 and the same period in 2021 to identify which threats pose an increasing danger to entrepreneurs.

In 2021, small businesses were three times more likely to fall victim to fraudsters than larger companies. The average loss from a single cyber attack has exploded from $34,000 to just under $200,000.

In addition to financial hits, these companies have had to shoulder legal fees, compliance penalties, reputational damage and the loss of customers.

The researchers also found the total number of attacks have increased significantly.

For instance, in 2022 the number of Trojan-PSW (Password Stealing Ware) detections increased by almost a quarter compared to the same period in 2021 to reach 4,003,323 from 3,029,903.

Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.

Another top attack takes advantage of Remote Desktop Protocol (RDP) technology. With the shift towards remote working, many companies have introduced RDP, which enables computers on the same corporate network to be linked together and accessed remotely, even when the employees are at home.

Despite the normality of such technology, it puts the security of employee devices and the corporate systems of a business in danger, as RDP is of particular interest to cybercriminals.

With RDP in place, if the attacker gains access to the corporate network, they can then conduct fraud on any of the business’s computers that have been linked.

The overall number of attacks on RDP has decreased slightly, but not in all countries. For example, in the first trimester of 2021 there were about 47.5 million attacks in the United States, whereas for the same period in 2022 the number had risen to 51 million.

Many small businesses are unable to recover from such attacks. To prevent losses, business owners need to take better care of their business’s online security, the researchers state. This security begins first and foremost with employees.

According to public reports, the average employee has access to over 11 million files. The information that they have access to can vary from financial information or customer data to the secrets of their company's development.

Cybercriminals are aware of this, which is why most attacks on companies are conducted through its employees, who are often untrained in the cyber risks associated with their role.

One person in particular also has a huge bearing on a business's overall security - the IT specialist.

Advanced security services can provide built-in training to keep IT specialists up to date with the latest cyber threats, Kaspersky states.

Through training and education, business owners can turn them into sought-after cybersecurity specialists who are able to analyse how threats may hit their particular organisation and adapt technical and organisational cybersecurity measures accordingly. This will help businesses avoid additional costs related to breaches of their corporate systems, according to the researchers.

On top of this, the experts advise getting an advanced security product to provide incident analysis. Many organisations don't have any plan in place to mitigate a breach of their organisation, let alone the necessary protection to prevent an infringement in the first place.

This is particularly true if a threat infiltrates their system and goes undetected which is entirely possible if network monitoring and automated threat detection mechanisms aren't in place.

Having a special security solution enables attack visualisation and provides IT administrators with a convenient tool for incident analysis. The faster they can analyse where and how a leak occurred, the better they will be able to solve any negative consequences. 

Kaspersky security researcher Denis Parinov says, "With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups.

"Cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point.

"For small companies today, it's not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT-specialist is no longer a luxury but a must-have part of your business development."

Related stories
Top stories
Story image
Microsoft
Elders signs five-year agreement with Microsoft to boost innovation
Australian agribusiness Elders has signed a five-year agreement with Microsoft that looks to transform its customer experience, efficiency and sustainability outcomes.
Story image
Ransomware
Examining the future of ransomware threats with Vectra’s CTO
As customers' valuable data move to the cloud, so will ransomware. What is the current landscape and what do we need to know?
Story image
Apple
Your tools, your choice: why allow employees to choose their own devices?
Jamf Australia says giving your team the freedom to work with their digital device of choice could help to attract and retain top talent in a tight labour market.
Story image
AGVs
Bridgestone Australia uses Dematic's AGVs to optimise warehouse operations
Bridgestone Australia has deployed Dematic's Automated Guided Vehicle solution across its new Melbourne warehouse in Truganina.
Story image
Compliance
SentinelOne integrates with Torq to empower security teams
"With Torq, security teams can extend the power of SentinelOne to systems across the organisation to benefit from a proactive security posture.”
Story image
Collaboration
Enterprise service management: the importance of a one-stop shop
In an online world, employees and end-users want one place to go for all their questions and requests. Intranet technology and self-service portals are useful tools that help serve this purpose.
Story image
ABI Research
NaaS market expected to reach $150B by 2030 - research
"The market is immature and fragmented, but telco market revenue will exceed US$75 billion by 2030 if they act now and transform to align with requirements."
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Remote Working
RDP attacks on the rise, Kaspersky experts offer advice
"Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data."
Story image
Aspire
NEC expands Open RAN ecosystem with Aspire Tech acquisition
With its agreement to acquire Aspire Technology, NEC Corporation has further increased its capacity to deliver End-to-End Open RAN ecosystems.
Story image
Supply chain
Supply chains continue to be disrupted, enterprises embrace circular economy
“Businesses urgently need to find a solution that can help them to manage this disruption, and transition to a circular economy."
Story image
Sustainability
Honeywell named Frankston facility services provider
Honeywell has been named the joint facility services provider for Frankston Hospital’s AU$1.1 billion redevelopment.
Story image
Artificial Intelligence
Siemens expands NVIDIA partnership for industrial metaverse
Siemens is expanding its partnership with NVIDIA to enable the industrial metaverse and increase the use of AI-driven digital twin technology.
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
API
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
CSG
To win at 5G, telcos must tame their quoting chaos
The catalogs of CSP (communication service providers) market offerings are set to explode as new digital services emerge, powered by B2B2X business models.
Story image
Adobe
Marketplacer and Adobe accelerate partnership for enhanced commerce solutions
Marketplacer has accelerated its partnership with Adobe in order to further enhance the global commerce marketplace.
Story image
Cybersecurity
Palo Alto Networks' cloud security platform receives IRAP assessment
"We provide help protect all forms of compute, cloud native services and access to data within public and private sectors."
Story image
Artificial Intelligence
Dynatrace extends automatic release validation capabilities
Dynatrace has extended its platform release validation capabilities to improve user experience at every stage of the software development lifecycle.
Story image
Ransomware
Businesses unprepared to defend against ransomware attacks
Ransomware attacks continue to impact organisations worldwide with high costs, but businesses are still largely unprepared.
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Cloud
BT builds on Equinix partnership with new cloud offering
BT has launched a next-generation cloud connectivity offering extending its global network into strategic carrier-neutral facilities (CNFs) and building on its existing partnership with Equinix.
Story image
Amazon
What brands can expect from Amazon Prime Day in Australia
Amazon Prime Day is the annual two-day shopping event, kicking off this year from July 12-13 and is the global online shopping platform's biggest sales event. 
PwC
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Artificial Intelligence
Decision Inc. partners with provenio.ai to expand offering
Decision Inc. Australia has partnered with provenio.ai to expand its offering to clients in the retail, FMCG, manufacturing, supply chain and logistics sectors.
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
PwC
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Media
Registrations for the W.Media Sydney Cloud and Datacenter Convention 2022 now open
Are you a C-Level executive looking to enhance your knowledge in the cloud and data center space in order to get the best results for your company?
Story image
Artificial Intelligence
Vectra AI named as AWS security competency partner
Threat detection and response company Vectra AI has announced that it has become an Amazon Web Services Security Competency Partner.
Story image
Airwallex
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
SaaS
Ping Identity appoints Deloitte Australia as a partner
Ping Identity has appointed Deloitte Australia as a Consulting Technology Partner, uniting its offerings with the company's consulting services.
Story image
Metaverse
How the metaverse will change the future of the supply chain
The metaverse is set to significantly change the way we live and work, so what problems can it solve in supply chain management?
Story image
IDTechEx
The next stage for 5G in thermal materials - IDTechEx
IDTechEx says higher frequency deployments, such as mmWave devices and very different station types such as small cells, present their own technological evolution and, with it, thermal challenges. 
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Apple
Jamf introduces new content filtering solution for education providers
Jamf has announced the launch of Jamf Safe Internet, a new offering that looks to deliver a safe online experience to students while offering better management options for admins.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why it's time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Cybersecurity
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image