November 30, 2022 10:55 AM

cybersecurity for SMEs: recent breaches & how to protect your business

Since the start of the COVID-19 pandemic, instances of cybercrime have increased by 600 per cent. With over half of all cyberattacks happening to SMEs, it’s critical that businesses understand how recent attacks have occurred and proactive steps that can be taken to minimise cybersecurity risks. This article outlines examples of recent cyberattacks, how they occurred, and what SMEs can do to protect themselves. Keep reading to learn more. 

recent examples of cyberattacks on organisations

With cyberattacks on the rise, many recent examples across Australia and New Zealand demonstrate just how costly it can be to detect and recover from cybercrime. These examples, covered widely in the media, have happened to large organisations that collect and store millions of points of identification and personal financial information — valuable data for cybercriminals looking to commit fraud and other crimes. 

Recent cyberattacks on large Australian and New Zealand companies include:

  • Optus: The Optus breach made headlines in late September after up to 10 million customer records were exposed in a data breach. The attack was caused by an application programming interface (API) that didn’t require authentication. This means anyone with the URL to the API could access the customer information stored in this location.
  • Medibank: Australia’s biggest health insurer experienced a cyberattack in October, where data for almost 10 million customers was stolen. Since the attack, the data has been periodically leaked on the dark web, exposing people to an increased risk of identity theft and financial loss. The attack was caused by the theft of login credentials belonging to a person with privileged access to the company’s systems. 
  • New Zealand Reserve Bank: The RBNZ was the target of a data breach in January 2021, when cybercriminals accessed the organisation’s data that was stored with a third-party hosting provider. Leaders within RBNZ have cited under-investment in cybersecurity systems and infrastructure as a contributor to the breach.

These examples demonstrate that accessing and selling personal and privileged commercial data are key objectives of cyber criminals when large organisations are hacked. While each cyberattack is unique, it is often the result of ineffective cybersecurity systems and infrastructure, a malicious insider attack, or a failure to keep technology and software systems current. 

common cyberattacks targeting SMEs

Aside from large-scale data breaches, there are other cybercrime risks that SMEs should be aware of to prevent the compromise of sensitive information or financial loss. Common scams targeting SMEs include: 

  • Business email compromise (BEC), where an email that may appear legitimate requests payment to a new bank account
  • Payroll scams, where a cybercriminal may contact HR and payroll staff requesting that an employee’s pay be redirected to the scammer
  • Whaling and spear phishing, where a fraudulent email is sent asking the receiver to urgently action a task, often requiring sensitive business information, such as company information and passwords or financial details. 

Understanding how to recognise and protect the business from these cyberattacks is critical to maintaining secure storage of the company’s information and resources. 

how SMEs can protect themselves from cyberattacks

It’s estimated that a single cyberattack can cost a business an average of $276,323, with 53 per cent of this cost going toward detection and recovery. To proactively protect against cyberattacks, SMEs should ensure it has the latest technology hardware and software operating in the business. Not only does this make people’s work more efficient, but using current technology makes it easier and faster to run system updates, makes cybersecurity systems run more efficiently, and ensures you always have support for the software programs used in the business. 

Further, setting internal protection policies such as phoning a colleague or speaking with them face-to-face before clicking any links in an email can prevent the business from falling victim to scams targeting SMEs. While it can feel daunting to protect your business from cybercrime when it’s on the rise, maintaining an attitude of vigilance and investing in strong hardware and systems will help to minimise your risk of a cyberattack.

reduce your cybersecurity risk with moneytech’s finance solutions

Moneytech’s finance facilities help SMEs to ensure their technology is always current and their business is protected from cybersecurity threats. Whether you need to invest in technology to safeguard your internal systems, or you’re looking to upgrade your hardware, our solutions allow businesses to invest in the best technology without the burden of a large upfront capital investment. Further,  by securing the latest IT and cybersecurity infrastructure for your company, you can make system updates and software upgrades faster and easier. This not only helps your people be more productive but it makes your cybersecurity protection measures run more efficiently too. 

Moneytech makes accessing the finance to protect your business’s cybersecurity simple. Contact us today, and one of our experts will be in touch to discuss your options.



This article is for information purposes only and does not constitute financial advice. You should speak to a qualified finance professional about your unique situation before making any decisions about financial products.

Back to top 

There are no previous news


There are no next news


Speak to a lending specialist

grid divider
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Moneytech background

contact us

Call us on 1300 858 904 for a quick chat on how we can help your business grow.
Contact us now
*This information does not take into account your personal objectives, circumstances or needs. Consider its appropriateness to these factors before acting on it. Read the disclosure documents for your selected product or service before deciding whether to purchase them. ABN: 24611393554