Blog

What you need to know about Ransomware

One common downfall for small and medium sized businesses it that they are often not prepared to deal with cyber-threats. In fact, small businesses are the target of 43% of all cybercrimes. This ranges from distributed denial-of-service (DDoS) attacks that result in your website or service coming offline, to phishing scams, and malware attacks, often involving ransomware.

Ransomware can be particularly harmful and can lead bankruptcy. Paying the ransom does not guarantee you will get your files back, and the loss of data and the downtime from having your systems crippled can cost a company even more. In 2019, ransomware attacks in Australia have cost businesses and the public sector up to $241 million, according to a new report.

 

Where does it come from?

Ransomware is often spread through phishing emails that contain malicious attachments. It can also be downloaded without you even knowing when visiting infected websites.

 

What does it do?

Ransomware takes control of your computer or your files and holds them hostage. They encrypt the files and it is impossible to success them without a mathematical key known only by the attacker. The attacker then demands payment via bitcoin or some other untraceable currency to restore access. There is often a time limit to increase the pressure to pay and if that time limit is not met, they threaten to corrupt the files, so they are unrecoverable.

 

What should I do if I get attacked?

  1. Quarantine.
    As soon as you notice you have been attacked, disconnect your computer from the network and the internet. This is important to stop the spread of the ransomware to other computers. This can be done by turning off the computer and unplugging any network cables. It is also important to isolate any backup devices on the network as well to protect them from infection.
  2. DO NOT PAY THE RANSOM.
    Paying the ransom will not guarantee you will get your files back.
  3. Contact your IT provider.
    They will help you decide the best course of action. If there is a back up solution in place, they will look over the latest back up to check for infection safely before wiping the encrypted machine and reinstalling the backup. However, the best course of action can only be determined on a case by case basis.
    Your IT provider will also help you put in place a plan to reduce the risk of being infected again and how to minimize damage and downtime if you are.
  4. Report to the authorities.
    Reporting to the authorities can help law enforcement gain a better understanding of the threats and can lead to investigations.TO report a cybercrime go to cyber.gov.au/acsc/report

 

How can I protect myself and my company?

Here are some tips to help you stay protected from ransomware and other cyber-attacks.

  • Have a secure and reliable back up system in place.
  • Use strong passwords and passphrases.
  • Don’t click on links in emails or messages or open attachments from people or organisations you don’t know.
  • Keep your software up to date.
  • Train your team on what to look for regarding phishing emails.
  • Learn how to browse the web safely.

 

Contact Rule Technology by emailing CyberSecurity@ruletech.com.au today for more information on how you can improve your data security and prepare your business in the event of a ransomware attack.

Downtime Assassin is dedicated to taking care of all aspects of your I.T. systems – so you can focus on running your business