McAfee has found that 62.5 per cent of Australian SMBs have experienced a cyber attack in the last 12 months.
The discovery was made in recent McAfee survey, titled The State of Cyber Security in Australian SMBs, which found that local businesses are still susceptible to viruses, worms or Trojans.
McAfee Asia Pacific SMB lead, Robbie Upcroft, said the number is in line with what the vendor is seeing worldwide.
“The challenge that we are facing in Australia potentially more than in other markets is, because of the robustness of our economy, every SMB has data stored digitally, whether it is on servers, phones or online,” he said.
“That makes it attractive to someone.”
Upcroft said that most local SMBs are “fairly complacent” about security in general, because they feel they are too small to be of interest to anyone.
However, the report disproves this notion by finding that 44.5 per cent of businesses have experienced a targeted attack, with 21 per cent of this number experiencing three or more targeted attacks.
“The reality is that SMBs are not only facing targeted threats, but they are also susceptible to more automated threats that trawl the Internet looking for unprotected servers or sites that they can then go and attack,” Upcroft said.
Because a lot of SMBs do not have any security policies in place, Upcroft said the intention with this research such as this is to get a conversation going in the SMB industry and in the channel.
His recommendation to SMBs is to carry out a security audit through a partner that “knows what they are talking about” and has been certified by a security vendor like McAfee and.
“Viruses in the past such as Melissa and ILOVEYOU were designed to take down some servers and cause some havoc, but they were not specifically looking to attack data,” Upcroft said.
“Now, the malware we are seeing are specifically targeting databases and servers where we keep all of our information.”
The survey also found that 46 per cent of SMBs experienced security breach or loss by deliberate sabotage from current or former employees in the last year.
Out of those SMBs, 24 per cent experienced a data breach or loss three or more times.
While Upcroft admits that security in IT is the core issues, he adds that it is a people problem as much as an IT one.
“A lot of SMBs said they do not have policies in place, they do not have procedures to who has access to which data, have not done a security audit, and have no policies in place around BYOD,” he said.
McAfee is also finding an increasing number of local SMBs being held to ransom via ransomware, as well as losing data through internal theft and loss of unencrypted mobile devices.
Because IT security is also a people problem, Upcroft said there is a lot of opportunity for resellers to go in there and act as that trusted advisor.
“It is up to the reseller to help the SMB understand what data is at risk, how they can protect it and how an attack can be prevented from happening in the first place,” he said.
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.