Many businesses struggle with how to prioritise malware among their other cyber security threats. Measuring the return on investment for cyber security spend is difficult because attacks that were avoided are hard to quantify. Conversely, businesses that have suffered a successful malware attack often invest heavily afterwards, to the point of overinvesting, because the cost and damage of the incident are fresh.
It is strongly recommended that malware be treated like any other risk to a business's operations: assess it by likelihood and impact, and allocate mitigation activities and budget in line with that assessment.
Likelihood of a Malware Incident
The unfortunate truth is that malware is a common occurrence, because malware 'kits' are easy to purchase online, deploying them requires little skill, attackers can operate from legal jurisdictions beyond the victim's reach, and the results are often lucrative.
Sophos, a security software vendor, commissioned a report in 2020 which surveyed 5,000 IT leaders and found that 48% of the Australian respondents had suffered a successful malware attack in the preceding 12 months. To reinforce this, many high-profile Australian organisations fell victim to malware in 2020, including Service NSW, Lion Australia, BlueScope and Toll Group.
While the likelihood of a malware attack starts at "probable" for every business, some factors increase an organisation's exposure and should be considered when assessing the likelihood of an attack:
- I.T. competence – Many malware attack techniques rely on simple methods to gain access (a phishing email, a malicious attachment, a spoofed login page), which untrained or non-savvy staff may not recognise.
- Public image – An organisation with a large public profile, or one that is sometimes covered in mainstream media, is more likely to be targeted, as attackers use well-known victims to build a reputation for themselves.
- Industry – Certain industries, such as Financial Services and Healthcare, are disproportionately targeted by malware.
- Environment size – A large technology environment, such as a large server estate or highly computerised operations, presents a wider footprint exposed to attack.
- Current cyber security posture – Cybercriminals continuously scan the internet for weaknesses, so leaving holes in defences (exposed services, unpatched systems) attracts malware attention over and above what the organisation would otherwise receive.
- Historic attacks – Previous successful attacks are read by attackers as a sign of weak defences and often result in increased future targeting. The effect is amplified where a ransom has been paid, as this marks the victim organisation as one likely to pay again in future attacks.
Three Simple Questions To Ask Yourself
- How confident am I that my current cyber defence uses modern practices and technology?
- How I.T. savvy is my team?
- How public is my brand and image?
A high likelihood of a malware attack leaves your business exposed to the cost of internal downtime, lost sales, the value of lost data, damage to brand and reputation, increased insurance premiums, the cost of dissatisfied customers, and more.