How Much Could A Ransomware Attack Cost Your Business?

How much is your data is worth? Information is probably the most valuable part of your business. Imagine if you lost your client database, accounting software, inventory management and any intellectual property you may own. How long will it take to recreate this data and how much money would you lose in lost productivity, staff wages and the time it takes to either recover or recreate the lost information?

Recently when the WannaCry ransomware spread through out the world, many businesses were suddenly forced to re-assess the value of their data: was it worth saving and what would be the ongoing costs of the attack?

If you don’t have a recent backup most ransomware attacks cost at least $US200 (if not a lot more) to get your files released and that is only IF the cyber criminals honor the payment and actually give you the decryption key (some even demand further payments). Meanwhile your business is still running and new client calls are still coming in and you may find yourself unable to operate with your systems down.

Paying the ransom may seem like a quick fix but:

  • There is still the downtime involved to restore your data resulting in lost productivity.
  • If word gets out that your data has been compromised you may find confidence in your business plummets and your existing clients head elsewhere.
  • The cyber criminals you pay, may now see you as an easy target and demand more money or target you for other scams and malware activity.
  • You may recover the data but is it compromised with other malware?
  • You may not get back all the data that has been lost.

So that $US200 ransom may end up costing many, many thousands of dollars!

How To Prevent Ransomware Attacks on your Business

Keep your systems up to date: Malware can take advantage of flaws in older versions of Windows and software – sometimes ones that have already been patched by Microsoft and third party vendors. To be protected businesses have to stay up to date with their patches & versions. To be up to date with Windows patches you need to be running a supported version of Windows. Delaying patches and updates puts your business at risk – we can help you keep you systems up to date.

Use corporate grade security software and firewall: Free software may be fine for low end home computers but if the worst happens you will get no support or help from a company providing free software. A firewall or UTM (unified threat management) device can also help block malware and ransomware infections. But whether it is a free or paid for solution the software (and any hardware devices) must be kept up to date.

Lock down employee computers: Very few staff will require full administrator access to your business network. With a higher level of permissions the more damage a person can do – either accidentally or by inadvertently installing malware. By locking down your computers you have a better chance of containing a malware attack to non-vital systems. Our expert computer technicians can design an access management plan that gives you best of both worlds – flexibility and security.

Educate your workplace: Most employees believe they are being cyber-safe but in reality it is quite different. Many malicious links and embedded malware have become harder to spot – and all it takes is a microsecond to click (and later regret it). We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments and the importance of malware scanning and keeping systems up to date. We can help get the message through!

Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Also a lot of cloud backup systems, such as Dropbox, immediately clone the infected files which also renders the cloud copy useless. The only safe backups will be the ones both physically and electronically disconnected. Our experts can set you up with a backup system that makes recovery simple.

Be proactive: The best way to avoid the costs of a ransomware attack is to prevent it from happening in the first place is with up to date antivirus software, regular systems updates and security audits. Remember, many businesses were able to watch WannaCry from the sidelines, completely unaffected and seized opportunities while their competitors were down.

Our regular maintenance plans can help protect your business against the next cyber-attack. Call us today on 08 8326 4364 or via email at support@dpcomputin g.com.au.

How To Stay Cyber Safe When Travelling

Mobile Cyber SecurityWith cloud computing people are embracing the flexibility of working away from the office (whether at home or travelling) and working by simply accessing the relevant data or applications via the internet..

When in the office, you are protected by professionally designed firewalls, security infrastructure, and robust software. As soon as you step away from that network those protections disappear and leave your device and the data inside at greater risk.

Cyber attackers love to collect any data they can obtain – business or personal doesn’t matter to them as it can all be sold. These days the information stored on your device can be worth much more than the actual device.

Here are 3 ways a hacker may attack:

Random Opportunity: If you have left your laptop at a café or a thief has stolen the phone from your pocket, the outcome is the same – that device is gone. Hackers take any opportunity they can to gain access to a device: including taking them from hotel rooms and even asking to ‘borrow’ them for a few minutes – if they don’t steal it the device is handed back laden with spyware.

Creating a fake Wi-Fi Hotspot: We’ve all come to expect free Wi-Fi networks wherever we go. Hackers though will take advantage of this to create their own free, unsecure network just waiting for someone to connect. Once a user is connected a hacker can  grab any unsecured passwords sent across the network.

Intercepting an Unsecure Network: Hackers don’t even need to own the Wi-Fi network to steal content from it. Data traveling across an unsecure network is visible and available to anyone with the right software.

Don’t let these issues stop you using the Internet when out side the office. Just take the following precautions to increase your cyber safety and help protect your valuable data:

  1. Regularly make backups: In the event your device is lost or damaged, you’ll be able to replace the device with a new one and quickly restore all the data from a backup, all with minimal downtime.
  2. Be careful when using public Wi-Fi: Don’t use passwords or email when on a public network. Use a VPN or a 4G connection (ie tether your computer to your phones data connection) when you are accessing sensitive data or logging in to secure sites.
  3. Use passwords and encryption: At a minimum, make sure your device is password protected and has full drive encryption. With a password and drive encryption even if your storage drive is removed from the device the contents are inaccessible.
  4. Act fast after loss: If your device is lost or stolen, immediately notify the appropriate companies and people. This might include your IT provider so they can change passwords, your bank and any other financial institutions so they can lock down accounts, and any staff who need to be aware of the breach so they aren’t tricked into allowing further breaches.

If you need further help with mobile cyber security contact us on (08) 8326 4364 or on support@dpcomputing.com.au.