Could your business survive a $50,000 cyber attack? A major Australian company just suffered a massive data breach—SMBs might be next.
ARDEX Australia, a major construction company with offices nationwide, was hit by a cyber attack last January 27. Medusa, the alleged culprit, reportedly accessed and stole confidential business data, comprising sensitive company information and personal data.
Other high-profile attacks by Medusa
Medusa is the mastermind behind the cyber attack on Ainsworth Game Technology Limited (AGT) last year, stealing 852.4 gigabytes of data from the company. The stolen data contained sensitive information such as business documents and personal employee records—most of which were from Australians.
Medusa set the ransom at $1.2 million in exchange for refraining from exposing the stolen data. However, it's unclear if the ransom was paid, as AGT never publicly acknowledged the attack or any issued payments.
Question — Do companies even pay these ransoms?
They're highly likely to pay. In fact, 94% of targeted companies reported that criminals attempted to compromise their backups during the attack, and 57% of those instances led to successful backup breaches. This left companies with little choice but to cave in.
Why do I need to be concerned about this news?
As a small business owner, this serves as a ‘wake-up call’ to the growing risks tied to our increasing reliance on digital technologies. While ransomware operators often focus on large companies for huge payoffs, SMBs are far from being off their radar.
Sophos, a leading cybersecurity firm partnered with 1300 InTech, released its State of Ransomware 2024 report, revealing that cyber attacks remain a significant and ever-concerning global issue.
What’s even more concerning is that, while large organisations are frequently targeted, small-to-medium businesses remain at risk because they often present the lowest barriers to entry. The most common attacks involved 'exploited vulnerabilities' at 32 per cent, followed by 'compromised credentials' at 29 per cent, and 'malicious email' campaigns at 23 per cent.
You can read the full report here.

Even Sophos seems to share our insights on the matter. John Shier, the firm’s Field CTO, stated in the report: ‘While some groups are focused on multi-million-dollar ransoms, others settle for lower sums by making it up in volume.’
What it means for small-to-medium businesses
Now, SMBs don’t have the resources, manpower, and proper readiness to handle these threats — and official figures are backing this claim.
According to the Australian Signals Directorate's (ASD) Annual Cyber Threat Report, although the numbers indicate a reduction in self-reported business cybercrimes last year, SMB self-reports increased by 8 per cent. Here in Australia, email compromise is the most commonly reported type of attack (alongside ransomware and data theft), with losses averaging $49,600 per incident.
That means if your business were hit by a cyber attack, it would cost you around $50,000 to recover from the damages.
Small businesses form the backbone of the Australian economy, accounting for around 98% of all businesses. This means 9 out of 10 businesses aren't adequately prepared for an attack. While large enterprises like ARDEX can often recover from such attacks, an SMB targeted in the same way might be crippled indefinitely. It may sound unbelievable, but it's the harsh reality.
Is the government doing anything about it?

Here are the minimum measures you can immediately implement:
- Create and regularly test your cyber incident response plan.
- Implement multi-factor authentication.
- Update outdated software.
- Invest in high-quality automated backups.
If you’ve taken all the recommended measures and a cyber attack still occurs, we advise calling the Australian Cyber Security Hotline. The hotline is available 24/7 via 1300 CYBER1 or 1300 292 371.
Note: These measures are continuously evolving, as the ASD has observed that recent cyber attacks are becoming increasingly sophisticated with the integration of AI, particularly in the field of social engineering where it’s used to craft highly targeted (and convincing) phishing attempts.
1300 InTech always strives to be at the forefront of business touchpoints, and if you liked insights such as this article, we send a lot more through our monthly Digest. Alternatively, you can contact us directly for faster response times. We're always up for a chat!