Search Results

< News Cybercrime Incident Costs Triple for Australian Enterprises 21 Oct 2025 The latest Annual Cyber Threat Report from the Australian Cyber Security Centre (ACSC) revealed that the average cost of a cybercrime incident to large Australian businesses has more than tripled year on year. This alarming surge reflects not just the growing sophistication of cybercriminals, but also the expanding attack surface of enterprise systems and the rising stakes of data breaches in an increasingly digitised economy. Why Average Costs are Skyrocketing Several converging factors explain the dramatic escalation in financial impact. High-Value Assets : Large businesses hold vast troves of sensitive data — customer records, intellectual property, financial systems. These are prime targets for ransomware and data exfiltration. Cybercriminals are increasingly tailoring attacks to exploit these assets, demanding higher ransoms and causing deeper operational disruption. Supply Chain Vulnerabilities: Enterprises often rely on complex ecosystems of vendors, partners, and third-party platforms. A breach in one node can cascade across the network, amplifying the damage and complicating response efforts. Regulatory Penalties and Legal Exposure: Stricter data protection laws mean that businesses can incur hefty fines and legal liabilities for a breach. The reputational fallout can also erode customer trust and shareholder value. Extended Downtime and Recovery Costs : Cyber incidents often cripple critical infrastructure, leading to prolonged outages, lost productivity, and expensive recovery operations. For large businesses, even a few hours of downtime can translate into millions in losses. According to the ACSC, the average cost per incident for large organisations has surged from to over AUD $202,000 in just one year. It’s a stark reminder that reactive security is no longer sufficient. MFT: A Strategic Shield One of the most overlooked yet powerful tools in the cybersecurity arsenal is Managed File Transfer (MFT). Unlike ad hoc file sharing methods such as email attachments, cloud drives, or FTP, MFT provides a secure, auditable, and policy-driven framework for exchanging sensitive data. Here’s how MFT — such as the class leading GoAnywhere MFT — helps businesses reduce cybercrime exposure. End-to-End Encryption : MFT platforms encrypt data both in transit and at rest, ensuring that even if intercepted, the contents remain unreadable to unauthorised persons. Access Control and Authentication : Granular permissions, multi-factor authentication, and role-based access prevent unauthorised users from accessing or manipulating files. Automated Workflows and Monitoring : MFT systems can automate file transfers with built-in logging and alerts, reducing human error and enabling rapid detection of anomalies. Compliance and Audit Trails : MFT solutions often include detailed audit logs and compliance reporting features, helping organisations meet regulatory requirements and demonstrate due diligence in the event of an incident. Reduced Shadow IT : By centralising file transfers within a secure platform, MFT reduces the risk of employees using unapproved tools that bypass corporate security controls. From Reactive to Resilient As cyber threats grow in scale and complexity, large businesses need to shift from reactive defence to proactive resilience. This makes investing in secure infrastructure like Managed File Transfer more than a mere technical upgrade. GoAnywhere enables further resilience by providing High Availability and Failover through active-active clustering, enabling multiple GoAnywhere installations to work together in a distributed environment.  This way, if one node fails or is compromised, other nodes seamlessly continue processing file transfers and workflows, minimising downtime and maintaining service continuity.  The tripling of cybercrime costs is a wake-up call. By securing the channels through which data flows, organisations can close critical gaps, reduce breach likelihood, and contain the “blast radius” when incidents occur. In a landscape where every file could be a vector and every transfer a risk, MFT offers the control, visibility, and security that modern enterprises need. Standing By to Help At Generic Systems Australia , we’re Australia and New Zealand’s experts in helping business take advantage of GoAnywhere’s many capabilities. We’ve assisted dozens of organisations to make their file transfers resilient, secure and reliable — boosting their efficiency in the process. If you’d like to discuss how we can deliver these advantages to your organisation, please feel welcome to get in touch with me. I’m always happy to have an obligation-free chat and explain how easily we can transition you from your current approach to a new world of cyber security and productivity. At Generic Systems Australia, we’re your local experts in data transfer. Previous Next

< News Cyber Security and The Illusion of Invisibility 18 Aug 2025 When it comes to cyber theft, the bigger the firm, the bigger the headline. Optus, Medibank, Qantas, Latitude Financial, and the ANU… all of these high-profile Australian organisations have endured unwelcome time in the spotlight after mishandling their customers’ data. Widespread public familiarity with their brands, as well as their large customer bases, made them more prone to negative media attention when their cyber security lapsed. Smaller businesses – equally big targets The media’s focus on the cyber travails of large organisation can inadvertently create a false sense of security among medium and smaller organisations. That is, because there’s barely any media coverage of cyber theft from less well-known organisations, medium and small companies can be lulled into dangerous complacency about just how vulnerable and targeted they are. The reality is that medium and smaller organisations are prime targets for hackers. Illusion of Invisibility Because they’re not in the headlines, many medium and smaller businesses assume they’re “flying under the radar” as targets for cyber criminals. However, that’s exactly what makes them appealing targets. Hackers reason that medium and smaller firms likely lack the hardened defences of larger organisations – while still harbouring significant and attractive amounts of sensitive customer data. Stats tell Story Statistics from the most recent Annual Cyber Threat Report from the Australian Signal Directorate (ASD) add further perspective to the comparative threat. Last year, more medium-sized businesses reported “Extensive Compromise” cyber attacks than large businesses. The same was true in the next lower category of cyber severity, “Isolated Compromise”. Tellingly, large organisations reported more than three times the rate of success in repelling low-level malicious attacks vs medium-sized organisations. A further alarming insight is that the average financial loss incurred by medium-sized organisations due to cybercrime was almost identical to the average financial loss for large organisations. Smaller Size, Larger Vulnerability The 2024 Sophos Threat Report found that the sophistication of cyberthreats faced by small to medium organisations is often on par with those used to attack large enterprises. In forums on the dark web where cyber criminals trade tips, it’s been said that the spoils from breaching a larger number of medium-sized organisations more than offsets the returns from less frequently successful attacks on large organisations. Sophos found that organisations with fewer than 500 employees were more vulnerable to cyber criminals. Underinvestment in cybersecurity, generally smaller information technology budgets and sometimes, less-experienced IT staff or outsourced providers, all contributed to this heightened vulnerability. Sophisticated Threat Landscape The cybercriminal ecosystem has evolved rapidly to become ruthlessly efficient. Mirroring the legitimate economy, it now features specialised roles and skillsets, intermediaries and brokers, and sophisticated black market networks to facilitate transactions. Ransomware-as-a-service (RaaS) groups lease their code to affiliates, and Business Email Compromise (BEC) schemes exploit social engineering techniques to bypass technical protections. Infostealers quietly exfiltrate login data, payment card info, and browser-stored credentials before victims even realise that anything’s awry. Stepping Up Safeguards Businesses need to similarly evolve their safeguards. Spam filters and firewalls are no longer enough. The key to successfully defending against encroaching cyber threats is to use a multi-layered strategy which includes robust data transfer protection, phishing campaign detection, prevention of credential harvesting, employee training, and mitigation against BEC attack by analysing behavioural anomalies and sender authenticity in real time. A Secure Managed File Transfer solution such as the class-leading GoAnywhere MFT addresses the many risks of ad hoc techniques through a holistic approach to security, including: Automatic authentication, encryption and decryption User access controls Auditing and Reporting Continuous updates on the evolving threat landscape, and Industry standards compliance. A further defensive layer - our Advanced Threat Protection Bundle - can mask, remove, or permit Personally Identifiable Information to be moved within your organisation and beyond, via a Secure ICAP Gateway. Invisibility Isn’t Security Just because smaller firms aren’t in the headlines, don’t assume they’re not falling prey to cybercrime. The seductive illusion of “flying under the radar” is exactly what makes smaller organisations appealing targets. And, because they often lack the hardened defences of larger organisation - while still handling sensitive data - they’re more vulnerable to the threats. Here to Help At Generic Systems Australia , we’re Australia and New Zealand’s local experts in helping businesses add the protective layers of Managed File Transfer and Adanced Threat Protection to their cyber defences. If you’d like to discuss how we can help your organisation, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how easily we can step up your cyber security. At Generic Systems Australia, we’re your local experts in Managed File Transfer. Previous Next

< News Managed File Transfer: Conductor of Your Enterprise IT Orchestra 4 Dec 2025 In today’s enterprise IT landscape, complexity is the rule rather than the exception. Organisations rely on dozens—sometimes hundreds—of applications, platforms, and services to keep operations running smoothly. Each system has its own rhythm, is its own “instrument,” and has its own way of producing value. The challenge lies not in the individual performance of these systems, but in how well they coordinate with one another. This is where Managed File Transfer (MFT) can step up and play the role of orchestra conductor. Your IT Orchestra Imagine your enterprise IT environment as a vast orchestra. The finance system is the brass section, bold and powerful. The HR platform is the woodwinds, steady and supportive. The customer relationship management tool is the strings, agile and expressive. Each application has its own sheet music, tuning and timing. Left to themselves, these musicians might play well individually. But without guidance, the ensemble risks descending into cacophony. MFT ensures that every musician receives the right cues, at the right tempo, and in the right order. It doesn’t matter if the ERP system “plays” in one key and the analytics platform in another; MFT provides the synchronisation and structure that allows them to perform together harmoniously. Timing and Precision In an orchestra, timing is everything. A single misplaced note can disrupt the entire performance. Similarly, in enterprise IT, a delayed or failed file transfer can ripple across departments, causing inefficiencies or even compliance risks. MFT acts as the baton, ensuring that data moves securely, reliably, and on schedule. It enforces discipline across the ensemble, so that the payroll system receives its inputs before payday, the supply chain platform gets its updates before shipments, and the analytics engine has fresh data before executives make decisions. Security as the Score A conductor doesn’t just wave a baton; they interpret the score, ensuring fidelity to the composer’s intent. In IT, the “score” is the organisation’s security and compliance requirements. MFT enforces encryption, authentication, and auditing, ensuring that sensitive data is handled in accordance with regulations. Just as a conductor prevents the orchestra from straying off‑script, MFT prevents systems from improvising in ways that could compromise security or compliance. Flexibility and Adaptation Orchestras often perform different pieces, requiring the conductor to adapt to new tempos, styles, and arrangements. Likewise, enterprises constantly evolve—adding new applications, integrating with partners, or scaling to meet demand. MFT provides the flexibility to incorporate new “musicians” without disrupting the ensemble. It abstracts away the complexity of how systems connect, so IT teams can focus on the music rather than the mechanics. A Successful Symphony Ultimately, the value of MFT lies in its ability to transform disparate systems into a unified performance. It ensures that the finance section doesn’t drown out HR, that analytics doesn’t rush ahead of operations, and that customer data flows seamlessly across the organisation. The result is not just efficiency, but coherence—a symphony of systems working together to deliver business value. MFT is more than a logistics tool; it is the conductor that turns enterprise IT from a collection of talented but isolated musicians into a world‑class orchestra. By ensuring timing, security, and harmony, MFT enables organisations to perform at their best—producing not noise, but music. Here and Ready to Help At Generic Systems Australia we have decades of experience helping Australian and New Zealand organisations become more efficient, organised and protected through the power of the world’s leading MFT solution . Our Migration Service makes the transition even easier. If you’d like a no-cost, no-obligation discussion about how we could help you simply and affordably adopt an advanced MFT solution, please feel welcome to get in touch with us. At Generic Systems Australia, we’re your local experts in secure Managed File Transfer. Previous Next

Advanced Threat Protection Take your secure file transfers to the next level. Seamlessly integrate your managed file transfers with advanced threat protection and adaptive data loss prevention to keep your sensitive data secure. The SFT Threat Protection bundle enables you to collaborate safely without malware entering your organisation, and without your employees losing or mishandling data. What Does Advanced Threat Protection Do? Sharing information incurs risks… There’s the risk of opening your systems to threats, such as malware or even threats hidden within file transfers. There’s the risk of exposing the wrong content, whether sent by mistake or hidden in metadata. Advanced Threat Protection enables you to inspect managed file transfer content for threats as well as leakage. Seamless integration between Fortra's GoAnywhere MFT and the Clearswift Secure ICAP Gateway features: Anti-virus and malware protection Deep content inspection Adaptive data loss prevention Media type protection 3 Ways to Enhance File Transfer Security Prevent Files with Malware from being Shared. Simply check a box in GoAnywhere to turn on easy anti-virus protection through the Secure ICAP Gateway to scan all inbound file transfers. Detect and automatically strip out active content like embedded malware, triggered executables, scripts, or macros used to extract or hold sensitive data hostage. Advanced Threat Protection sanitises — without delay in delivery — as only the malicious active content is removed, allowing the file transfer to continue unhindered. This morph-free protection guards against today's leading malware and ransomware (i.e. CryptoLocker, CryptoWall, TorrentLocker, Dridex Dyre, BlackEnergy, etc.) and tomorrow's even more sophisticated threat variants. Block Sensitive Data from Being Shared. Prevent files with Personal Identifiable Information (PII) or other sensitive data from being transferred. GoAnywhere Threat Protection can inspect file contents, then stop and block files from being shared, based on policy. Redact Sensitive Information from Files Before Transfer. Ensure sensitive data is not transmitted or received. Detect or remove geotags, document properties, email addresses, or other metadata from documents, replacing sensitive text with asterisks. Detect and remove text contained in scanned images with Optical Character Recognition. Detect and remove offending content with text redaction. Encryption Isn’t Enough Encrypting sensitive file transfers is vital for ensuring the privacy and integrity of your data and complying with data governance regulations. However, while encryption can protect your files, you can do more to ensure your messaging security, by staying aware of what is being transmitted. Adding threat protection to GoAnywhere enables you to empower some senior individuals the power to transmit PII, while excluding others. Further, even if your transmission process is secure, you may want to audit who is sending what. The Secure ICAP Gateway enhances your encryption by limiting both who can transfer data, and what that data contains. Two Leading Solutions, Seamlessly Integrated The Clearswift Secure ICAP Gateway adds significant value to GoAnywhere MFT because of its threat protection, deep content inspection engine, adaptive data redaction, and flexible policy settings, while managed file transfer makes defining file movements a breeze. Additional features you can add to your file transfer process are structural sanitisation, document sanitisation, data redaction, anti-steganography, and optical character recognition. It’s the best and most thorough security for file transfers. Other Ways Clearswift Can Help You Integrating Clearswift’s core ICAP Gateway and threat protection with SFT can resolve gaps in your process and provide additional benefits. It can audit and control data in file transfers, for example, detecting when customer, employee, or patient records in a file are uploaded to SFT, counting the records, and maintaining an audit log of what data was shared with whom. When you add Clearswift solutions to your SFT instance, you get Lexical Expression Qualifiers, which can detect records based on multi-field matches, and trigger different actions based on number of records detected (e.g., audit, refer to sender, redact, block). Clearswift can also ensure you accept only the correct file types, by enforcing "True Type" controls which ensure you don't receive binaries, executables, scripts, or other unwanted file types. Clearswift solutions defend your system based on file byte pattern rather than by name. And, it works with nested files over 50 levels deep!

Annual Upgrade & Health Check Service Take the time, effort and risk out of ensuring your GoAnywhere environment is up to date and running smoothly! Our Annual Upgrade and Health Check Service provides dedicated resources to update your organisation’s GoAnywhere environment to the latest version. One of our experienced local Technical Consultants will review your organisation’s upgrade strategy, conduct a Health Check of your system and consult with you on any risks and compatibility issues potentially associated with your upgrade. What’s Included: Pre-Upgrade System Evaluation: Prior to upgrade, our local specialist will conduct an evaluation of your existing environment to identify issues and configurations that require special attention before upgrading. Preparation Meeting: a local GoAnywhere expert will present the findings and verify the scope of the upgrade. Upgrade: Our local GoAnywhere expert will assist with the upgrade of your environment, staying on hand to address any issues that may arise during the upgrade process. Rollback: In the unlikely event you encounter an unforeseen production issue, we will provide up to two hours of services to mitigate the issue. If the issue cannot be resolved, we will guide you through the rollback process and restore GoAnywhere to the previous working state. Health Check: We’ll evaluate the security configurations, performance logs, and overall health of your system. Our local GoAnywhere experts will check the number of licenses, workspaces, and job logs, and assist with optimising them. They’ll also advise you of opportunities to further leverage your investment in GoAnywhere to improve your organisation’s efficiency and security. Our Annual Upgrade and Health Check Service delivers the most up to date release of Fortra's GoAnywhere MFT and best practices. Download the Product Datasheet below for comprehensive details, and then Contact Us to schedule your Upgrade and Health Check! Download the Product Datasheet

< News “Scripting SNAFU” – A True Cautionary Tale 25 Feb 2025 A n anecdote shared by a local business dramatically demonstrates the danger of relying on old-fashioned file transfer scripts within your organisation. Million Dollar Mishap An Australian business was using legacy scripts to copy their customers’ Personally Identifiable Information (PII) between systems within their business. Now, PII – personal details such as name, address, phone number, date of birth, bank details etc – is the most protected kind of consumer information under Australian law. Businesses which mishandle it expose themselves to penalties potentially as high as $50M. One day, a staff member in this business accidentally deleted a customer’s data directory – an error that went unnoticed. When the legacy file transfer script ran as per its usual schedule, attempting to copy the customer’s updated PII to their customer directory, it couldn’t. The destination directory was missing. So the script copied the customer’s PII to a different customer’s directory! This meant the original customer’s PII was now visible to and accessible by the wrong customer – in breach of Australia’s Privacy Act. Better Managed File Transfers GoAnywhere MFT – the world’s leading Managed File Transfer (MFT) solution – would have prevented this error from occurring. It tightly controls where files are transferred from and to, with high levels of authentication and encryption. GoAnywhere remains vigilant. If it detects anomalies in its authorised file transfers, it doesn’t proceed. Instead, it sends an immediate alert to an authorised employee so that the issue can be addressed – before any data is lost or privacy laws broken. However, there are many more reasons why you should replace file transfer scripts with the world’s leading MFT… No Safe Scripts Scripts aren’t secure. For example, data sent via FTP is transferred “in the clear” – an easy target for external hackers, or curious employees and vendors. Worse, user credentials aren’t encrypted, putting your entire system at risk. Scripts lack advanced features. For example, automating file transfers with FTP requires adding a second solution, a time-consuming and complex prospect. It’s also difficult to build in re-try features, and lock down how users interact with sensitive data. Scripts don’t play well with new systems. For example, cloud-based computing environments require file transfers to be integrated with cloud-based solutions, and platforms such as Azure and AWS. Scripts are time consuming. Developing, maintaining, and troubleshooting scripts takes time, distracting valuable support staff from more important things. And if your support staff aren’t available when a script fails, it can bottleneck your organisation’s entire workflow. A Happy Ending So, what happened to the business whose missing directory accidentally exposed their customer’s PII…? After one of their customers reported that they were seeing a different customer’s PII, the business scrambled to quickly address the problem. They re-created the necessary customer directories and manually moved their customer’s data to where it belonged. Whew! But it’s what they did next that made the biggest difference… Determined to prevent the possibility of any such error ever recurring, the business immediately conducted a comparison of Managed File Transfer solutions. They selected GoAnywhere, the industry’s leading Managed File Transfer – and became a Generic Systems Australia customer! Leveraging The Experience If you’d like to learn more about how GoAnywhere MFT could put guardrails around your business’s handling of PII, please feel welcome to get in touch with me . I’m always happy to have an obligation-free discussion, or provide a quick and easy proof of concept. At Generic Systems Australia we’re your local experts in MFT solutions. Previous Next

< News Australia Tops Annual Ransomware Ranking 24 Mar 2026 Recent research shows that Australian organisations faced more ransomware incidents than any other country in 2025 - and most victims ended up paying the criminals. According to the global study of 1,625 senior security leaders from large enterprises, ransomware featured in 35% of all cyber incidents reported by Australian organisations in 2025. Typically, demands were for payment to unlock encrypted systems or threats to publish stolen data. Australia also ranked near the top globally for ransom payments. 95% of victims admitted they paid the attackers, second only to Singapore’s 97%. This willingness to pay is likely contributing to Australia being repeatedly targeted, incentivising attackers to focus their extortion demands here. AI Opens Back Doors Identity-driven threats are a key exposure of concern – and AI is facilitating their exploitation. 99% of Australian organisations have already embedded, or plan to embed, AI models or AI agents into their identity systems. These AI agents can perform tasks, make decisions, and access systems on behalf of users or automated processes. When compromised, attackers can use them to move rapidly through an environment and access sensitive data. Research authors Rubrik Zero described AI agents as “force multipliers,” the “next” major attack surface, able to dramatically amplify damage. Ongoing Toll Rubrik’s report reinforces that ransomware remains a stubborn and expensive challenge for Australian organisations. Despite the high rate of ransom payments, recovery times remain slow. Almost a quarter of Australian organisations needed more than 24 hours to resume operations, and 34% estimated it would take at least a week to return to full functionality. Rubrik warned that innovation is outpacing investment in the controls needed to manage AI‑driven risks. They emphasised the importance of monitoring AI agent behaviour, enforcing real‑time safeguards, improving agent accuracy, and having mechanisms to reverse harmful or incorrect agent actions. Underpinning IT Foundations Rather than wasting money on ransoms, organisations need to invest in secure and resilient IT foundations. That starts with protecting valuable data where it is stored and when it is transferred. Managed File Transfer (MFT) solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards. MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. Layered Defences Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence. SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering your organisation, and reducing opportunities for employees to lose or mishandle sensitive data. Tap Local Expertise Generic Systems Australia are your local experts in Managed File Transfer and Advanced Threat Protection. We’ve assisted hundreds of organisations across the Asia-Pacific region to secure their data, keep cybercriminals at bay… and keep ransomware off the books. We’re also Fortra’s top MFT partner across Australia and New Zealand. If you’d like to discuss improving your cybersecurity through MFT, please feel welcome to contact us. We’re always happy to have an obligation-free discussion and explain how simply and affordably we can bolster your protections against cyber criminals. Previous Next

< News What is ‘MFT’ ... and why should you care 19 Oct 2023 What is ‘MFT’ - and why should you care about it? In today's data-driven world, the seamless and secure exchange of information is key to business efficiency. Managed File Transfer (MFT) is a powerful technology that comprehensively addresses the risks and challenges of moving information, both within an organisation, and with external suppliers, partners and customers. At its core, Managed File Transfer simplifies the complexities of data transfer by offering centralised control, encryption, and auditing capabilities. Unlike traditional approaches, such as FTP, MFT provides enhanced security protocols, ensuring data privacy during transmission and storage. And it does so via a user-friendly interface, which is easy to use for even non-technical employees. Organisations adopt MFT technology for the many benefits it provides. Security: MFT employs robust encryption algorithms, reducing the risk of data breaches during transit. Features like Access Controls, and Multi-factor Authentication, safeguard sensitive information from unauthorised access. Efficiency: MFT automates repetitive tasks. This not only reduces human error, it saves significant staff time. Through scheduling of file transfers, monitoring of progress, and automatic error-handling, it enables a significant boost to operational efficiency. Compliance: In industries with strict regulatory requirements, MFT helps companies meet compliance standards (e.g. HIPAA and GDPR) by automatically maintaining detailed logs and audit trails. Scalability: Through its ability to handle large file transfers and an ever-growing number of users, MFT is able to grow in sync with an organisation's needs, while maintaining superior performance. Collaboration: In addition to improving business processes within an organisation, MFT facilitates seamless collaboration with external partners, suppliers, and customers, fostering strong relationships built on shared trust and reliability. Managed File Transfer technology offers organisations a secure, efficient, and scalable solution for their data transfer needs. By leveraging MFT, businesses can not only streamline their operations but also gain a competitive edge, while ensuring the integrity and confidentiality of their data in today's interconnected digital landscape. Generic Systems Australia is the Asia-Pacific region’s leading provider of secure MFT solutions. If you’d like to explore how your organisations’ efficiency and bottom line could be boosted through MFT technology, please feel free to contact our Business Manager, Bradley Copson, ( bradley@gensys.com.au ) for an obligation-free discussion. Previous Next

GoAnywhere MFT is the world’s leading Managed File Transfer solution. This datasheet summarises its key technical features. Review the report below. RESOURCES HOME

< News Small-to-Medium Businesses the Big Targets for Cybercrime 17 Mar 2024 While cyberattacks on large corporates make the headlines, it’s small to medium businesses who are being hit the hardest. The 2024 Sophos Threat Report found that the sophistication of cyberthreats faced by small to medium organisations is often on par with those used to attack large enterprises. Apparently, while the amount of money that can be stolen is less than that available from a larger organisation, cybercriminals more than make up the difference in the volume of thefts. More vulnerable, greater impact Sophos say that organisations with fewer than 500 employees are not only more vulnerable to cybercriminals, they also suffer more proportionally from the results of cyberattacks. The greater vulnerability is due to a lack of experienced security operations staff, underinvestment in cybersecurity, and smaller information technology budgets. And, when these businesses are hit by cyberattacks, the expense of recovery forces many to close. Attractive Ransomware Targets 90% of the world’s businesses are small- and medium-sized. In Australia, these businesses contribute more than 60% of the nation’s overall GDP. According to The Institute for Security and Technology’s Ransomware Task Force, 70% of ransomware attacks target small to medium businesses. Other Prevalent Threats Beyond Ransomware, a variety of other cyberthreats also pose an existential threat to small and medium businesses. Data theft is the focus of most malware targeting small and medium businesses. Password stealers, keyboard loggers, and other spyware make up nearly half of malware detections. Credential theft through phishing and malware can expose small businesses’ data on cloud platforms and service providers, and network breaches can be used to target their customers as well. Web-based malware distribution — through “malvertising” or malicious search engine optimisation — is also on the rise. Unprotected devices connected to organisational networks — including unmanaged computers without security software installed, improperly configured computers and systems running software fallen out of support by manufacturers — are a primary point of entry. Attackers are increasingly abusing device drivers — both vulnerable drivers from legitimate companies, and malicious drivers that have been signed with stolen or fraudulently obtained certificates. Email attacks have begun to feature more active engagement with targets over email, using a thread of emails and responses to make their lures more convincing. Attacks on mobile device users, including social engineering-based scams tied to the abuse of third-party services and social media platforms, have grown exponentially, affecting individuals and small to medium businesses. Your Data is Their Target The greatest cybersecurity challenge facing organisations of all sizes is data protection. More than 90% of attacks reported to Sophos involved data or credential theft, with methods ranging from ransomware attacks, to data extortion, unauthorised remote access, and simple data theft. Compromised business email userids are also a substantial problem for small to medium businesses, and the next most prevalent threat after ransomware. Stolen credentials, including browser cookies, can be used to compromise business email userids, provide unauthorised access to third-party services such as cloud-based finance systems, and entry to internal resources. Turning Your Own Tech Against You Sophos said that, as 2023 progressed, they observed an increase in the use of remote execution of ransomware. Unmanaged devices on an organisation’s own network were hijacked to encrypt files on other systems via network file access. Ransomware and other malware developers are increasingly using cross-platform languages to build versions for not only Windows, but also macOS and Linux operating systems. Small and medium businesses also need to be concerned about the security of the services they depend upon to manage their business. Attacks against managed service providers became an enduring part of the ransomware playbook in 2023. How to Protect Your Business Criminal syndicates count on smaller organisations to be less well-defended and to not have deployed modern, sophisticated tools to protect their users and assets. The key to successfully defending against their threat is to use a multi-layered strategy that includes robust data transfer protection, staff education, and multifactor authentication. A Secure Managed File Transfer solution such as the class-leading GoAnywhere MFT addresses the many risks of ad hoc techniques through a holistic approach to security, including: Automatic authentication, encryption and decryption User access controls Auditing and Reporting, and Industry standards compliance. If you’d like to beef up your organisation’s defences against the increasing threats posed by cybercriminals , please feel free to contact me , Bradley Copson (mail to: bradley@gensys.com.au ). I’m always happy to have an obligation-free discussion, and explain how we can quickly and affordably transition you from your existing approaches without disrupting your business. I’ll even offer you a zero-cost Proof of Concept. Bradley Copson Business Manager Generic Systems Australia Your Local Experts in Secure Managed File Transfer #MFT #managedfiletransfer #securefiletransfer #sft #cybersecurity #datatransfer Previous Next