We are imploring you to be extra careful when it comes to ransomware attacks. Take some time this week to double check your security systems. If you do become a victim, make sure part of your recovery involves examining how the cyber criminals gained access to your network, so that you can fix the problem.
Cybercriminals do not just target big business. In fact, in many cases smaller businesses are more desirable targets. This is because small businesses hold all of the information that big business has (such as client data), but often do not have all the means to invest in the best software and hardware to protect it.
Tips for avoiding cyber attacks:
- make sure operating and security systems are up to date
- apply multi-factor authentication wherever possible
- regularly back up your network and store these back ups offline and to a cloud service
- have a unique password for each login
- don’t include easily accessible information in your password (birthdays, names of your children or pets etc.)
We also advise that you phone someone directly if they email you asking for key information to be updated, such as bank details. One of our clients recently received an email from a supplier asking for their bank details to be updated, and issuing an invoice with the new bank details. Unfortunately, the ‘supplier’ was a fraudulent account who had bought the identical domain name minus one letter. Therefore, looking at the email and the fake website, it looked legitimate. If a phone call had been made, a fraudulent payment might have been avoided. If in doubt, make sure you confirm with your clients/suppliers directly!
Your business insurance might not cover you in the event of a cyber attack, so it might be handy to have a plan in the event of a ransomware attack happening to your business. This is, obviously, in addition to ensuring you have done everything possible to prevent one occurring.
If it happens to you, it is best to be upfront with your customers. Rather than trying to hide a breach, today most companies will come out and say something like:
“We have experienced a ransomware attack. Here’s what we’re doing to contain it, fix it, protect customer information, and this is how we’re planning to strengthen our systems going forward to make sure this doesn’t happen again.”
And if it does happen to you, rest assured that it really could happen to anyone; hackers are incredibly sophisticated nowadays. Nine Network, Toll Group and Service NSW are just a handful of high profile businesses who have been victims of ransomware attacks.
Stay safe online and offline!