The tragic and ongoing conflict in Ukraine should be considered a catalyst for businesses of all sizes to review their IT security for possible cyber threats.

Previously SMEs may have considered themselves too small to be a target of a cyber attack. The reality is that hackers are becoming increasingly sophisticated in how they target and attack. Therefore, it’s no longer a case of if a business will come under attack, but when.

Australia, along with the US, UK, EU and other governments, have condemned Russia’s aggression towards Ukraine, including the imposing of sanctions. As a result, there is a risk that Australian businesses could be caught up as collateral damage, particularly those with a presence in Ukraine or NATO countries through global supply chains.

Russia is home to some of the world’s most infamous criminal hackers, some of them state-sponsored. NotPetya, a cyber-attack by Russian military hackers in 2017, is considered to be the costliest cyber-attack in history. The destructive software was hidden in an update of popular accounting software used in Ukraine, but spread worldwide destroying the computer systems of thousands of companies and causing approximately $10 billion of damage.

Another recent example is the Wiper malware. Launched by Russia, it is currently prevalent in Ukraine and can potentially spread in several countries within minutes.

The working from home phenomenon of the past two years elevated cyber security for many businesses. Many businesses also took steps to train staff and drive awareness of cyber threats.

Cyber security is an area which is changing at a rapid pace. Sadly, the reality is that cyber criminals continually devise new and sophisticated methods to circumvent security controls.

For SMEs, the impact of cyber fraud may be quite severe. If you have not done so already, we recommend assessing how prepared your are to respond to any cyber security incidents. It may also be time to review your incident response and business continuity plans.