How to stop…
…your business being held to ransom
In September last year an Aussie refrigeration business paid thousands of dollars to cyber-criminals who had encrypted its credit and debtor invoice information to prevent the company accessing the data. This type of attack, known as ransomware, is not an isolated incident. Medical centres in Queensland, IT businesses in the Northern Territory and a retail shop in Sydney are just a few of the businesses recently held to ransom by a new wave of attacks.
What is Ransomware?
Ransomware is a type of cyber-crime designed to trigger a ‘panic and pay’ response. In essence it’s an old-fashioned extortion racket adapted for the internet age. Victims know that any loss of IT systems, company files or confidential data can impact their business significantly, yet there is no guarantee that paying up will put things right.
How does the attack occur?
These attacks all involve infiltration of your IT system by a rogue computer program. “Firstly, your computer becomes infected, and then you receive a notification in relation to what the cyber-criminals want from you.”
The malicious code can compromise your network if you unknowingly visit an infected website or open an infected email attachment. It then freezes your computer or encrypts files on the hard drive. A pop-up may appear asking for payment to reverse the damage, or an email may arrive in your inbox carrying the same disturbing message.
How to minimise your risk
To protect yourself against ransomware, ensure you do the following:
1. Regularly update your PCs, servers and mobile devices with software patches for Java, Adobe Flash, Acrobat Reader, Windows and Internet browsers.
2. Install and maintain comprehensive, constantly updated security software at every possible entry point into your network (PCs, notebooks, mobile devices, servers and your Internet gateway).
3. Put robust backup procedures in place, with backups taken offline or removed from your network and securely stored, so that cyber-criminals cannot lock or encrypt your backup devices. You also need a reliable system recovery solution – but not one that takes hours, days or weeks to execute. You need your data back in minutes.
What if you get attacked?
If you are compromised by a ransomware attacker, the general consensus in the IT security industry is not to “pay up”. In most cases, if you try to pay the ransom then they’ll increase the amount payable. There are some steps you can take to spring the trap; for example, click here to find out how Symantec do it.
Need help?
If you need help reviewing your security and backup measures, please drop us a line.