Thousands of Australian businesses have received ransom threats over the past year. As a business owner, ask yourself: could your business afford to pay a $50,000 ransom to stop your corporate data being deleted? How would you react? How would the loss of the money, or of your files, affect your business?
The cyber security and ransomware landscapes changed significantly from 2018 to 2019, as highlighted by two 2020 reports: the CrowdStrike Global Threat Report 2020 and the 2020 Ransomware Resiliency Report (a cyber security study commissioned by Veritas). Together these reports outline concerning changes in ransomware attacks from 2018 to 2019.
Targets now include almost all sectors. Previously, attacks were aimed predominantly at government bodies and large corporates.
Attacks are focussing less on espionage and more on political disruption and economic gain.
Attackers are targeting people as computer systems become better defended. Sophisticated scams via email, SMS and fake web sites are attempting to steal credentials.
Ransomware-as-a-service now exists: attackers no longer need the skills to attack you, they simply rent the service.
As these trends continue it is clear that smaller businesses will increasingly be exposed. 2019 saw ransom demands soar into the millions, with amounts up to US$12.5 million. Your business will most likely be unable to pay a ransom that high, and attackers know this, but a demand of around $50,000 against a small business is easy to envisage.
According to the 2020 Ransomware Resiliency Report, 42% of businesses surveyed had experienced a ransomware attack, and 66% estimated it would take 5 days or more to recover if they did not pay the ransom.
Many smaller businesses are choosing to pay the ransom rather than be out of action for 5 or more days. Can your business afford to be at the mercy of ransomware attackers demanding sums like $12.5 million, unable to do anything until the ransom is paid?
Corporate offices can be secured in multiple ways: from the network firewall and antivirus on computers, to simple communication between staff to flag suspect activity. IT providers could also communicate with and educate their clients en masse about threats.
Working from home breaks almost all of these defences, especially when staff start to use their own devices, leaving businesses more vulnerable than ever.
In Australia we have some breathing room. So-called malware-free attacks (intrusions that rely on stolen credentials and the tools already on a machine rather than a malicious file, which makes them hard for antivirus to catch) are far more common in North America, at around 75% of attacks, than here, at around 30%, so there is still time to prepare your business and staff for them.
There are a number of ways to protect you and your business.
The first line of defence is to protect your equipment.
The use of anti-malware software (e.g. antivirus) is vital, and locking machines down so that staff cannot inadvertently install malware is also extremely effective. When staff use their own equipment they will (rightly) protest at the necessary restrictions, so it is extremely important to provide staff with corporate-owned equipment which can be centrally locked down, maintained and monitored.
Policy is the next line of defence.
This means policies on password length and complexity, and enforcing the use of multi-factor authentication. Note that current guidance (for example NIST SP 800-63B and the ACSC) favours long passphrases plus MFA over forced periodic password changes, which tend to push staff towards weak, predictable variations. Add to this ongoing software maintenance to ensure the latest, most secure versions of operating systems and applications are used. Implement strict policies on where corporate data can be stored and require that it is transmitted securely. The last piece of policy is frequent backups, as they may be your last line of defence: keep at least one copy offline or otherwise unreachable from the network, since ransomware routinely encrypts or deletes backups it can reach, and test restores regularly so you know the copy is usable before you need it.
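As an added illustration of what a tested backup looks like (this is example code written for this post, not iHelp IT's tooling or any product), the script below keeps several versioned copies of a folder, records a SHA-256 manifest with each copy, and can check both that a backup is still intact and how much of the live data has changed since it was taken. It uses only the Python standard library; the folder names and the two sample files are constructed for the demonstration, and everything runs inside a temporary directory so nothing touches real data.

```python
"""Versioned backups with a SHA-256 manifest, so a restore can be checked
rather than hoped for.  Added example for this post; it is not iHelp IT's
code.  Standard library only; everything happens in a temporary directory,
so it runs offline and cleans up after itself."""
import hashlib
import json
import os
import shutil
import tempfile
import time
from pathlib import Path
from typing import Dict, List


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Map each file's path (relative to root) to its SHA-256 hex digest."""
    return {str(p.relative_to(root)): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(src: Path, store: Path, keep: int = 5) -> Path:
    """Copy src into a new generation under store, record a manifest, and
    prune generations beyond `keep`.  The nanosecond timestamp in the name
    keeps generations unique and sortable."""
    target = store / f"backup-{time.time_ns()}"
    shutil.copytree(src, target / "data")
    manifest = build_manifest(target / "data")
    (target / "manifest.json").write_text(json.dumps(manifest, indent=1))
    for old in sorted(store.glob("backup-*"))[:-keep]:
        shutil.rmtree(old)
    return target


def verify_backup(target: Path) -> List[str]:
    """Names of backed-up files that are missing or no longer match the
    manifest.  An empty list means the generation is intact."""
    manifest = json.loads((target / "manifest.json").read_text())
    data = target / "data"
    return [rel for rel, digest in manifest.items()
            if not (data / rel).is_file() or sha256_of(data / rel) != digest]


def changed_since(src: Path, target: Path) -> List[str]:
    """Live files that differ from the given backup generation.  A sudden
    jump to most files changed, with names intact, is what mass encryption
    by ransomware looks like."""
    manifest = json.loads((target / "manifest.json").read_text())
    return [rel for rel, digest in manifest.items()
            if not (src / rel).is_file() or sha256_of(src / rel) != digest]


def demo() -> dict:
    """Constructed scenario: a tiny share is backed up three times (keep=2),
    then every live file is overwritten with random bytes to stand in for
    encryption.  The latest backup still verifies; the live tree is flagged."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "shared"
        store = Path(tmp) / "backups"
        (src / "accounts").mkdir(parents=True)
        store.mkdir()
        (src / "accounts" / "ledger.csv").write_text("date,amount\n2020-03-02,100\n")
        (src / "notes.txt").write_text("call the supplier on Monday\n")

        for _ in range(3):
            latest = make_backup(src, store, keep=2)
        generations = len(list(store.glob("backup-*")))
        clean = verify_backup(latest)

        for p in src.rglob("*"):  # simulated ransomware: same names, new contents
            if p.is_file():
                p.write_bytes(os.urandom(32))

        return {
            "generations": generations,                    # 2: the oldest was pruned
            "backup_intact_before": clean,                 # []
            "live_files_changed": changed_since(src, latest),
            "backup_intact_after": verify_backup(latest),  # []: the copy is unaffected
        }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

The point of the manifest is that "the backup job ran" and "the backup can be restored" are different claims; verify_backup answers the second. In real use the backup store would sit on media or a host that the workstations cannot write to, otherwise the same ransomware that encrypts the share will encrypt the copies, and the manifest check would simply report that every generation is damaged.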
Limit risk by isolating systems and minimising the overall system count.
The more systems you run, the more likely an attacker is to find a weakness in one of them. It is also important to keep systems separate; for example, never host your email on the same server as your web site, so that a compromise of one does not hand over the other. Use a different password for every system (a password manager makes this practical) to limit the damage an attacker can do with any single stolen credential.
With evolving threats, your people are your greatest asset.
Changing the behaviour of your staff is the most difficult and the most important part of your security strategy. Educate staff to recognise suspicious activity and to contact your IT department if in doubt. We have seen numerous examples of companies losing money through human error.
If you’d like a security consultation then contact iHelp IT on 02 8213 4225. We take a multi-point approach to securing your environment and business against attacks.
And it costs a lot less than $50,000!