The Rise of Ransomware – Are you Protected?

Ransomware has become a growing problem in the last few years, particularly for small to medium businesses, with ransomware attacks increasing by 97 percent over the last 2 years (source: PhishMe). Ransomware generates over $25 million in revenue from hacking organisations every year (source: Business Insider), which shows that this isn’t a problem that will just go away. Businesses in particular need to act to ensure they have a clear understanding and an action plan if affected by ransomware. A number of preventative measures are available and are outlined later in the article.

What is Ransomware?

Ransomware by definition is a form of malware/virus that prevents users accessing their systems or data until a sum of money is paid to the attacker.
Below is an example of what the program looks like when the attackers have taken control of your data:

Notice that Bitcoin is the only payment method offered. This is because Bitcoin is incredibly hard to trace, which makes it the primary payment method for cyber criminals.

How Does Someone Become Infected by Ransomware?

Similar to any other malware, ransomware can often be prevented by proper protocols and procedures on the user’s end.

  • It can infect systems via email, when an unsuspecting user opens a malicious link in an email, which may run an executable program.
  • Ransomware can also be spread by an infected website, where a drive-by download occurs when the user loads the page.
  • Social media is another culprit, when links are shared and opened by unsuspecting phone users, often without thinking.

 

How can I / We Prevent Ransomware?

  • Make sure you have a strong anti-virus and firewall installed on each computer and that these are kept up-to-date. Firewalls will prevent users opening sites that can cause harm, and anti-virus software will scan for any infected files on your computer.
  • Install content filtering (a spam filter) on your mail servers. This will prevent a large portion of inbound scam emails.
  • Regularly make sure all software and systems are up-to-date. A key way attackers can get access is through out-of-date software.
  • Train users to be more aware of what dangerous emails and websites look like so they can avoid dangerous links. Be sure to contact your IT specialist if you are unsure of any emails or links before opening them. There are also a number of great user training programs out there to help with this; KnowBe4 is one of the best.
  • Be aware that most financial brokers now offer cyber insurance which can cover a range of things including ransomware.

 

What About if I Become Infected by Ransomware?

For a start, it is highly recommended that you do not pay the ransom. Paying only funds and encourages further attacks. Also, there is no guarantee you will get your data back even if you do pay (it is quite common for data not to be returned).

Make sure you keep regular backups of all necessary/sensitive data on your system. Although it can be a pain to restore backups for a whole system (and some data may be lost), it is the easiest method of getting around ransomware if you become infected.

If you need more information or help regarding ransomware, don’t hesitate to contact our team at Plus 1 on 03 58333000 or via email at plus1@plus1group.com.au

Open Hours

Monday to Friday
8:00am to 5:00pm

Closed Public Holidays

plus-1-logo

If you need to get us documents quickly, access remote support, or the MYOB Portal click the button above.

Contact Us

27 Welsford Street
Shepparton, VIC 3630

T: (03) 5833 3000
F: (03) 5831 2988
Email Us

Bank Details Scam

SCAM ALERT – Changes to bank details sent by email

Fraudsters are now monitoring websites or emails and using tricks to mimic usernames & signatures. They use spoofing tools to make it appear as if the email has come from you/your business.
They then send emails out advising that the bank details have changed and that the customer needs to update their records urgently.

There have been a number of cases locally where businesses have been caught up in these scams. The emails appear legitimate and may even have the name of a company employee, Director or Owner.

We strongly recommend that you always verify any information sent in this way. The most secure way to do this is a quick phone call to the supplier asking them to confirm their details. Often, they may not even be aware their emails have been compromised in this way.

Scammers now changing business invoices containing bank details

Fraudsters are constantly making their crimes more sophisticated. Their latest efforts involve phishing emails that allow them to hack your personal or business email accounts.

They then monitor your email account for an opportunity to intercept an invoice, for example when you are purchasing goods and awaiting an invoice or email, or when your business is sending an invoice by email.

The scammers intercept the email, change the bank details on the invoice and send it on for payment. In many cases, they use spoofing to make the email address seem credible and trustworthy. Spoofing changes a letter or domain in the email address to make it appear legitimate.

The recipient pays the invoice thinking it comes from a legitimate source, when in fact the money is paid into the scammer’s account.

Advice from Plus 1 Group regarding bank details

Please be aware that should our banking details change we will NEVER communicate this via email.

Should you ever receive any email announcing a change in bank details or notice that our details have changed on our invoice, please contact us immediately to verify you are sending payment to the correct bank before you pay.

We have taken this step to secure our business and strongly recommend to our clients that they do likewise. One of the simplest steps your business can take is to always verify any change of bank details for employees, customers or suppliers by phone. If you reply to the email sent to you to verify the request, you would just be sending it back to the scammers.

If you would like any further information, please contact our office on 5833 3000.


Cyber Security Tips

Below are some tips for making you and your business safer and more secure when it comes to cyber security.

Password Security

Set long and complex passwords. These days your passwords should at the very least be 8 characters in length and include special characters, numbers, and upper-case and lower-case letters.
Ensure you change the passwords for the accounts you regularly use.
Don’t use the same password for different sites/logins.
Use a password management program if you are struggling to remember lots of passwords. Good examples include LastPass for cloud storage and KeePass for locally stored passwords.

Two Factor Authentication

Set up two factor authentication on important accounts. This provides an extra layer of defence against attacks by ensuring you need a separate form of authentication (usually a phone app request or email). If for some reason your email password gets hacked, you’ve still got the last line of defence of denying the login requests from your phone or other email account. Almost all email providers and banks have two factor authentication as standard and you should expect that feature when signing up.

Insecure Sites & WiFi

Be careful connecting to insecure sites. For example, does the site have the lock symbol on the left-hand side of the address bar (see below)? If not, make sure you know the site, otherwise it could be harmful.
Also, be wary of open WiFi networks (e.g. free McDonalds WiFi). Free public networks are quite easy for hackers to take advantage of, as these often have little to no security. If you do need to use them, make sure to forget the network by going into your settings and removing the connection once you are finished, so your phone doesn’t automatically connect again when it’s in range.

Awareness Training

Whether you employ staff or not, it is worthwhile investing time into making yourself and those around you more educated on scam threats. Suspicious email requests and phone calls are particularly common, so being aware of the common ‘tells’ makes a lot of difference in guarding yourself and your business.
You can check out the government links below to keep abreast of the latest scams:
https://www.ato.gov.au/general/online-services/identity-security/scam-alerts/
https://www.consumer.vic.gov.au/resources-and-tools/scams
https://www.scamwatch.gov.au/

Policies and Procedures

Update policies & procedures to have a set process for changing key data (such as bank account payments). This is particularly important against scam emails and phone calls that attempt to make you act irrationally in panic by stating “You’ve been hacked! Click here to change your bank details”.
A good plan is to have multiple people review any change of details; this way, if one person doesn’t pick up on the scam, the next person does. Also confirm whether these requests are legitimate by contacting the alleged sender and verbally confirming the change (e.g. calling the NAB if the email appears to have come from them).

Software Updates

Ensure your applications and operating systems are kept up-to-date with the latest patches. Software developers often release patches for software that has become vulnerable to security flaws, and these are necessary for keeping you and your data safe.

Backups

Ensure you are running some form of backup for your company data. Your backup strategy will vary depending on the size of your company and the type of data being backed up. The more sensitive the data, the more often it should be backed up; smaller businesses may only need to back up once a week, whereas larger organisations should be backing up daily. All businesses should ensure they are taking offsite backups, and should test their backups every 6-12 months to ensure they are in working order.
