Click-happy owners leaving SMBs wide open to phishers, ransomware: McAfee

Small and medium business owners’ prurient interests are being exploited by a surprisingly large population of spear phishers as a growing flurry of attacks compromises SMBs at an alarming rate, the regional CTO of security giant McAfee has warned.

Not only had nearly two-thirds of Australian SMBs been hit by a virus, worm or Trojan over the past 12 months, according to McAfee’s new State of Cybersecurity in Australian SMBs research – but 51.5% had been hit three or more times over the same period.

The repeat victimisation of small companies suggests that despite broad education campaigns about modern cybersecurity threats, most small business owners still click freely on emails offering celebrity pictures, free videos, and the like.

“Spear phishing attacks are not complex, but they work,” McAfee CTO Michael Sentonas tells CSO Australia. “It’s pleasing from one perspective to see that people are a lot more savvy to know these things are happening in the first place.”


“A lot of the attacks are very much opportunistic because they don’t have to be complex,” he adds. “Most people’s networks are being compromised because some of the security basics are not being done. These numbers are very high largely because it’s so easy for attackers to carry out these types of attacks.”

While large enterprises and governments implement sophisticated techniques to filter, analyse and block malware attacks, the report’s results suggest systematic ignorance on the part of SMB owners continues to make them easy prey – particularly when it comes to ransomware, in which malicious code locks systems or encrypts data until a ransom is paid.

While ransomware can be foiled in large businesses by careful backups, small businesses are often proving less than vigilant in protecting their data – and find themselves at the mercy of ransomware operators as a result. Some 30.5% of McAfee respondents said they had been hit with ransomware in the past 12 months, with 36.1% of those afflicted paying cybercriminals to retrieve their data.

“The reason why there’s such a bad problem with ransomware targeting SMBs is because it works, it’s so simple, and there’s a very low risk of getting caught,” Sentonas says.


“Many SMBs find out in very serious circumstances that their backup didn’t work – or that they didn’t have one at all. The human element remains one of the biggest security challenges.”

Indications are that things aren’t going to get any better, with 78% of respondents already running bring your own device (BYOD) policies – and 74% indicating they are either not using protective security measures, or aren’t sure if they are.

Fully a quarter of respondents indicated they already suspect their love of mobiles is going to cause them headaches, naming mobile device security as their #1 challenge for the coming year.

Yet even without mobile security issues, data breaches were taking their toll: 46.5% of respondents had experienced the theft of proprietary information via a data breach, while 23% of those hit by theft had been hit three or more times in the past year.

Robbie Upcroft, SMB lead at McAfee Asia Pacific, wasn’t impressed by the results: “Whether SMBs need education the kind of threats to their business that are out there,” he said in a statement, “or whether it’s something even more practical, such as a managed service provider taking over their security operations, the sector appears to need all the help it can get.”

Join the CSO newsletter!

Error: Please check your email address.

Tags Michael SentonasState of cybersecuritymcafeesecuritynewstrojan

More about CSOMcAfee Australiamobiles

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place