Don’t be a victim of cyber criminals. Learn how to protect your computer from malware.
Estimated reading time is 5 minutes.
Estimated reading time is 5 minutes.
Ransomware is currently one of the most significant security threats to small businesses in Australia. Here are some simple ways you can protect your business against ransomware.
Ransomware is a type of malicious software (malware) that encrypts (or locks) the files on a computer, making them inaccessible. Once the malware has been downloaded onto the victim’s computer, the victim receives a message on their computer screen from the criminal (the ransom note), advising them that their files have been locked, and demanding money in return for unlocking the files.
Cybercriminals usually demand victims pay the ransom in virtual currencies, such as Bitcoin, which is difficult for law enforcement to trace. Ransomware attacks are just like any other extortion attempt and police advise that businesses should not comply with the criminals’ request for money.
Information is the DNA of every small business and needs to be protected from cybercriminals.
To get a real understanding of the value of your information, think about what would happen to your business if one of the following scenarios occurred:
The impact to your business and your reputation could be damaging.
Ransomware threats are a reminder of why it’s so important to think about your security controls and to back-up your business data regularly.
Ransomware can gain access to a businesses’ network by disguising the malicious software as a link or attachment in a phishing or spam email.
Email is a popular delivery mechanism for malicious software because email is cheap and reaches a wide audience. Some phishing emails carrying ransomware will appear to be an email invoice from a provider such as an energy company or a telecommunications company. The fake invoice directs the recipient to click on a link and download a file to view their bill. By downloading the file, the recipient installs the ransomware malware onto their computer.
You should exercise extra caution with emails that:
Train your employees to be vigilant by learning how to identify suspicious messages.
Check the security settings on your computer's operating system and software applications to confirm that they're set to automatically update and install new patches. Each operating system is slightly different, so if you’re unsure check the Microsoft or Apple websites for information.
It’s important to have fully functioning anti-virus running at all times to ensure you're protected to the highest level possible. While trial anti-virus software is free, it usually only updates during the trial period. Check your software to confirm that it is valid and set to automatically update, scan and flag suspicious activity.
Backing-up your business data is critical to safeguarding your business. In the unfortunate event that you're impacted by a ransomware attack, you'll need to rely on these back-ups to restore your valuable data.
Backing-up data means making a copy on another device. For example, you might save your important files onto a second removable hard drive or USB drive. It's best practice to back-up your data on two different devices.
There are two basic kinds of back-ups: a full back-up and an incremental back-up.
Remember to disconnect the back-up device (e.g. external hard drive or USB) from the computer when you’re finished, as attackers are known to encrypt or delete back-ups connected to the computer or network.
It's also important to test your back-up frequently by restoring data to a test location. This helps to ensure the back-up device and backed-up data are in good shape. You can identify any problems in the restoration process and provide a level of confidence that your back-up will work during an actual crisis.
It’s good business practice to have an incident management plan that has key contacts, processes and business continuity plans in case you do have an issue. This will reduce the time to get back online, and the stress of recovering your business data so that you aren’t trying to work out what to do when your system is down.
Learn more about how to recover fast from business disruptions.
The Australian Cyber Security Centre (ACSC) recommends that businesses impacted by ransomware:
Australian Government | Australian Cyber Security Centre
The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together. It’s the hub for collaboration and information sharing to combat cyber security threats. ACSC provides timely information on how home internet users and small businesses can protect themselves from cyber security threats. They also help users reduce their risks of software vulnerabilities, online scams, malicious activities, and risky online behaviours.
Australian Government | ReportCyber
ReportCyber is a secure reporting and referral service for cybercrime. These online incidents may be in breach of Australian law. The ReportCyber website provides a cybercrime reporting mechanism as well as helpful information about cybercrime.
Australian Competition and Consumer Commission | Scamwatch
Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams using publications, videos and other online resources.
Australian Government | Office of the eSafety Commissioner
The Office of the eSafety Commissioner provides online safety education for Australian children and young people, a complaints service for young Australians who experience serious cyberbullying, and addresses illegal online content.
Australian Government | Attorney-General’s Department
The Attorney-General’s Department website provides helpful information and resources about your rights and protections in regards to identity security, freedom of information and cyber security. The Department has developed a range of resources to assist people to protect their identity and recover from the effects of identity crime.
Don’t be a victim of cyber criminals. Learn how to protect your computer from malware.
When it comes to unexpected disruptions a business continuity plan can help keep your business running.
Your stored business data travels in and out of your network. What key controls can you put in place to ensure it’s safe?
Online threats don’t have to turn into crimes with security controls in place.
You’ll now be redirected from NAB to an external site.
NAB doesn’t accept responsibility for the operation of the website you’re being redirected to.