In April, I was invited to participate in an interview hosted by Small Business Connections Forum. I had the pleasure of speaking with TV Host – Director of Gravia Media, Vivienne Ryan. We spoke about how the pandemic changed the way businesses operate. With employees working from home and businesses cutting costs in security, we are more vulnerable to cybercrime than ever before. Not only has this increased the high volumes of phishing attacks, but the rise of ransomware continues. Here are 3 reasons why Australia has become a global focus for ransomware and how, together, we can take simple steps to protect our businesses.
We pay the ransom
We often hear of many companies paying the ransom to protect their reputation and allow for business continuity. However, what we have also seen is that, once the money has been handed over, there is no guarantee that victims get the decryption key. By paying the ransom, organisations further encourage the ransomware business model. Reporting the incident to the authorities and working with experts is a better bet.
Advice: We understand how difficult it is when business continuity is disrupted. However, if there is no guarantee of a decryption key, you should never pay the ransom. If you have been infected by ransomware, visit No More Ransom, which will lead you to decryption tools.
We think cyberattacks won’t happen to us
The real question to ask is: what would occur if a cyberattack were to happen to you? Consider the scenario where all your marketing material, customer information and price lists were taken away from you today, and ask yourself: could you operate your business? 9 times out of 10, the simple answer is no. If businesses don’t start to take cybersecurity seriously, they are putting their business at risk. While budgets are dependent on the shape and size of the business, there is a lot that decision makers can do to uphold their cybersecurity posture that is free and cost-effective.
Advice: If you are a business owner, stay on top of the latest cyber threats within your industry. From that, you can have an open dialogue and push for more security awareness training for employees and for secure systems to be put in place.
We miss big red flags
One of the big red flags we keep missing is clicking on unknown links. Cybercriminals are good at crafting emails that generally have an attachment or link. If an email or domain name looks suspicious, it probably is. However, it is sometimes hard to tell the difference when they appeal to our emotions by pretending to be a friend or sending a birthday invitation. It takes more awareness not to fall victim to phishing, malicious text messages or even phone calls. It’s about having the innate ability to identify those links and respond. Taking just 30 seconds to look closely at the domain name, and not clicking on the email, can prevent a cyberattack from happening.
Advice: If you are an employee, go back to basics: if you’re suspicious of a link via email or text, always go to the official source manually. If it’s a company email, talk to your superior. The best part is that this innate awareness does not cost anything.