Cybercriminals are getting smarter — and slower to reveal themselves. The average time between a breach and its discovery is 207 days, according to IBM's Cost of a Data Breach Report. That means many Australian small businesses are operating with compromised systems for months without any idea.

At BITS Perth, we've helped businesses in Clarkson, Joondalup, Butler and across northern Perth respond to cyber incidents. Here are the five warning signs we see most often — and the immediate steps you should take if any of them sound familiar.

Important: If you suspect your business is actively being attacked right now, disconnect your affected devices from the internet immediately and call us on 0477 032 032. Don't wait.

The 5 Warning Signs

1Your accounts are sending emails you didn't write

If customers, suppliers or staff are receiving emails from your address that you didn't send — this is a major red flag. Attackers often use compromised email accounts to send phishing emails to your contacts, or to request fake invoices and bank transfers.

Check your "Sent" folder for any emails you don't recognise. Check your email rules and forwarding settings — attackers often set up silent forwarding rules to copy all your incoming email to themselves.

2Your computer or network is running unusually slowly

A sudden, unexplained slowdown across your network could indicate that your machines are being used to mine cryptocurrency, send spam, or participate in a distributed attack — all while you're trying to use them.

Check your Task Manager (Windows) or Activity Monitor (Mac) for unfamiliar processes consuming high CPU or memory. If you see something you don't recognise, don't close it — screenshot it first and call a professional.

3You're seeing unexplained charges or account activity

Unusual logins from overseas locations, unexpected purchases, or unrecognised charges on business accounts are a clear sign that your credentials have been compromised. Attackers often "test" stolen credentials with small purchases before going bigger.

Enable login alerts on all your business accounts — Microsoft 365, your bank, your cloud storage and any SaaS tools you use. Review your account activity logs at least weekly.

4Files are missing, encrypted, or have changed names

If files are suddenly inaccessible, renamed with strange extensions (like .locked or .encrypted), or if you find a ransom note on your desktop — you've likely been hit by ransomware. This is one of the most damaging and costly forms of attack on Australian small businesses.

Do NOT pay the ransom without seeking expert advice first. Payment does not guarantee recovery, and it funds further attacks. Call us immediately — we can assess whether recovery is possible from backups.

5Your security software has been disabled

One of the first things sophisticated attackers do after gaining access is disable your antivirus, firewall, or endpoint protection. If your security software suddenly shows as turned off and you didn't do it — someone else may have.

Check your security software status regularly. A managed IT provider like BITS Perth monitors this 24/7 and alerts you the moment anything is disabled.

What to Do Immediately If You Suspect a Breach

  • Isolate affected devices — disconnect them from the network and internet (unplug ethernet, turn off Wi-Fi) but leave them powered on so logs are preserved
  • Change all passwords immediately — prioritise email, banking, and any admin accounts, from a device you know is clean
  • Enable multi-factor authentication (MFA) on every account that supports it
  • Do not pay any ransom without first seeking expert advice
  • Notify relevant parties — if customer data was involved, you may have obligations under Australia's Notifiable Data Breaches scheme
  • Call your IT provider — or call BITS Perth on 0477 032 032 for immediate incident response support

How to Protect Your Business Going Forward

The best cure is prevention. At BITS Perth, our Managed IT & Cybersecurity service provides:

  • 24/7 endpoint monitoring and threat detection
  • Automated patch management so vulnerabilities are closed fast
  • Email security and phishing protection
  • MFA setup across your business accounts
  • Regular encrypted cloud backups — so you can recover without paying a ransom
  • Staff security awareness training

Not sure how vulnerable your business is right now? Take our free Cybersecurity Risk Assessment — it takes 5 minutes and gives you a personalised risk score with recommendations.

Worried Your Business Has Been Compromised?

Call BITS Perth now for a free security assessment. We serve businesses across Clarkson, Joondalup, Butler, Wanneroo and all of northern Perth.

Call 0477 032 032 Free Risk Assessment
Cybersecurity Business IT Perth Ransomware Small Business