Know your enemy:

Your guide to cyber security for your business

Australia is one of the world’s biggest targets for cyber attacks.
Each year, at least 1 in 2 Australian businesses is hit by one or more cyber attacks.
Each month, almost 1 in 4 Australian businesses have their operations interrupted by cyber attacks, double the rate of 2014.
In 2016, the number of cyber-security incidents detected in Australian businesses soared 109%, compared to the global average of 38%.


The average cost of a cyber attack for an Australian business.


Proportion of attacks that hit small- to medium-sized businesses.

There are three main types of cyber attack:

  • Malware
  • Phishing
  • Ransomware
Here’s how they work and how you can defend against them.

Malware: How it works

Malware covers a huge range of software with one thing in common: it does things it shouldn’t.

Malware can infect a computer or network in a variety of ways. Common types include:

  • Spyware

    Software that records computer activity, including sensitive financial information, and transmits it without the computer user’s knowledge.

  • Keylogger

    This spyware records and transmits keyboard and mouse activity on a target computer, allowing attackers to steal passwords or other information.

  • Worms and viruses

    Once inside a system, these files can replicate themselves and spread throughout a network, often overloading web servers.

  • Ransomware

    One of the biggest threats to businesses, ransomware can encrypt all of an infected computer’s files, rendering it useless until a ransom is paid.

  • Bots

    Bots allow attackers to take control of infected systems. Networks of bot computers are sometimes harnessed to wreak even greater damage.

There are numerous ways malware can infiltrate a company network:

  • Phishing:

    Emails purporting to be from legitimate sources are often used to lure users into opening files or clicking links that contain malware, giving attackers network access without the computer user’s knowledge.

  • Infected USBs:

    Hackers have been known to leave malware-infected USBs outside targeted company premises, often marked Private or Confidential. Human curiosity means many people will plug them into their company computer and open the files within, bypassing many security defences and letting malware loose in the company network.

  • Drive-by downloads:

    Malware infections can be caused by an action as simple as visiting a website that hosts malicious code that scans for vulnerabilities in browsers. Even respected websites aren’t necessarily safe, with attackers often inserting their code into advertisements they have bought on legitimate websites.

What you can do

Cisco Advanced Malware Protection (AMP) not only screens incoming traffic, but uses global cyber intelligence from Talos to identify and block malware before it tries to access your network. AMP identifies and removes malware that’s already infected a network, while retrospective security uncovers the origin of malware.

If, for example, the system detects a Microsoft Word attachment hiding malware, AMP can not only isolate and remove the malware, but also track where that Word document was sent, to block other attacks.

AMP learns from each threat, incorporating intelligence from Talos to prevent reinfection. Suspicious programs are sandboxed – quarantined and then run in isolation to see if they contain malware.


Phishing: How it works

  • Phishing uses fraudulent emails to trick people into giving attackers personal info or system access.

  • An estimated 68% of all email traffic contains malicious, potentially dangerous content.

  • The most dangerous type is spear phishing, where emails are tailored for their targets using public information.

  • The average cost of a successful phishing attack to an Australian business is $23,209.

  • 45% of all cyber security incidents are caused by staff clicking on attachments or links sent via emails.

  • One click is all it takes for malicious content to infect a network and target vital company IT infrastructure.

What you can do

Email security applications are the frontline defence in repelling phishing attacks. Cisco Email Security inspects more than 200 email attributes to determine legitimacy and block suspicious messages.

Cisco Outbreak Filters quarantine suspicious, possibly toxic incoming and outgoing messages until they can be verified across multiple antivirus databases.

Phishing attacks, and their origins, change constantly. Your protection needs to be dynamic and forever updating. The cyber intelligence team at Cisco’s Talos seamlessly updates Email Security every three to five minutes with the latest threats. The Talos intelligence network monitors 75 TB of web data a day, providing 1.5 million threat samples a day to Cisco security products.


Ransomware: How it works

  • 1. In a typical attack, a user receives a phishing email that looks legitimate. It could appear to be from a company email address, or from someone they know.

  • 2. Suitably prompted, the user clicks a link or downloads an attachment in the email, giving ransomware access to his or her computer and the broader company network.

  • 3. The ransomware encrypts files and data, locking users out of their network and bringing the target business to a grinding halt. If it’s an ecommerce business, all trading ceases.

  • 4. The company receives a message demanding a ransom to get back file access or risk losing their data forever. Attackers usually request payment in untraceable bitcoins.

  • 5. Australian businesses pay an average ransom of $15,747 to get back their data, but individual ransoms can be much higher.

  • 6. Even after paying the ransom, around half of the businesses targeted by ransomware experience significant downtime and data loss as a result.

What you can do

Cisco Email Security and Umbrella DNS provide dynamic security against ransomware. The frontline of cyber security is Umbrella DNS, screening and blocking fraudulent and legitimate websites containing ransomware or malware before a connection is ever made.

Umbrella DNS is cloud-based to provide security for all users on or off a network – essential cover for mobile devices and employees working out of office. Only suspicious websites are redirected by Umbrella DNS for further investigation, offering robust security without compromising network speed or performance.

If you manage to connect to a malicious website, Umbrella DNS blocks the site from requesting data, protecting your network until the threat is removed.
