Imagine if you were blocked from your business files and online resources, even for a short time – your business would grind to a halt.
You couldn’t access vital client and product information or service your customers - not to mention the opportunities you’d miss while you’re offline.
This is what a ransomware attack can do – and Australian small businesses are being targeted every day. If you fall victim to ransomware, the consequences can be devastating – both financially and to your reputation. For example, a company with 50 employees could expect to lose around $56,000 from a single ransomware attack.
The number of businesses affected by ransomware has increased dramatically in the last two years, and it’s predicted that hackers will target even more businesses in 2017. In December 2016 alone, there was over 500 cases reported to the ACCC. But that doesn’t tell the full story, as it’s estimated that three out of four cyber-attack cases are unreported.
What is Ransomware?
Ransomware is a type of malware that infiltrates your computer and files. It interrupts your functionality by encrypting your personal data or hijacking your browser, blocking your access. The hackers demand a fee be paid to restore your system, but even if you do pay, there’s no guarantee that the ransomware will be removed - it can lay dormant, ready to attack again.
Any business or individual could be a ransomware target. In Australia, there have been reported cases across many sectors and industries, even government departments. Andrew Lomas, Director at Creative Folks IT, says the number of ransomware attacks on Australian small businesses is rising fast. “A few years ago, ransomware wasn’t something we saw all that often. Today, it’s a common problem among small businesses. Most are unaware of the threat and don’t have the right security measures in place to reduce the risk,” he says.
What Does It Look Like?
Ransomware is spread via a malicious email or website, and its many shapes and forms makes it hard to spot. It’s usually sent in an email, often disguised as correspondence from a well-known and trusted organisation. Then, when unsuspecting users open the email’s attachment, the ransomware is unleashed. In 2015 a fake Windows 10 upgrade email deceived many Australian businesses, and in 2016, a staff member from a government organisation opened an email that appeared to be from Australia Post, which resulted in thousands of files being encrypted by ransomware.
Because ransomware campaigns are constantly evolving, you’ve always got to be on the lookout for anything suspicious. Everyone on your team should be wary of emails that look slightly off, and have a rule to not open attachments or click on links, unless you know and trust the source. If you’re suspicious of anything, err on the side of caution and hit delete.
So… How Do I Avoid It?
Ransomware infections can happen to anyone – but there are three things you can do to minimise your risk: education, antivirus and total data protection.
1. Education
Educating your team is a must. Anyone with access to the company email, computers and server should complete a user awareness training program, which aims to inform about the dangers of social engineering schemes and phishing scams. Teach good security practices regarding email attachments and stress the importance of diligence. Be smart about opening emails from suspect sources – if in doubt, don’t do it.
Also, be wary of the websites you visit, and the links you click while browsing, as ransomware could be lurking in “clickbait” too. And be suspicious of emails and pop ups offering free downloads – this is another common scam, so it’s always best to head to the source and download directly from their website. You can keep up to date with some of the current malicious campaigns on ACCC’s Scam Watch. However, even the most educated and well-meaning staff members are not immune to human error – which is why education, on its own, is not adequate protection.
2. Antivirus
Antivirus software is the second layer of a sound defence, and quality antivirus protection can stop thousands of attack attempts every day. You can install standalone antivirus software, but for the best protection, a security suite is recommended. Basic security suites generally include antivirus, firewall, antispam, parental control, and protection from phishing sites. Advanced security suites are also available, and include extra features like backup and password managers. Security suites help to prevent and minimise ransomware attacks, so if an employee does click on a malicious link or downloads a Trojan-containing attachment, it may save your system from full-blown infection.
Unfortunately, new strains of ransomware are always being created, often at a rate higher than antivirus can protect against them - that’s why antivirus software alone is not adequate protection. Traditional virus scans and basic online security measures will not be enough to protect your business from ransomware – you need a layered approach to your security technology, otherwise the probability that an infection will eventually succeed is high.
3. Total Data Protection
A data protection solution provides the ultimate failsafe in a layered defence strategy against ransomware. A data protection solution will automatically and invisibly take snapshots of your data at regular intervals, and store your data in a secure location. Should ransomware successfully penetrate your layered defences, you can simply “turn back the clock” to a snapshot of your business before the attack happened. No ransom, no downtime, no problem.
Don’t Wait Until It’s Too Late
All small businesses should make sure they have a solid defence strategy – taking action before an attack will save you the stress and financial losses that a ransomware attack will cause. A cyber security review by a Managed Service Provider can show you how to plug your IT holes, and implement a solid defence strategy to minimise your risk against ransomware and other security threats.
The threat of ransomware is real, and it’s happening right now, to small businesses everywhere. If you’re unprepared, and ransomware blocks your files, it can be catastrophic. Don’t be an easy target – act now and protect yourself and your business.