"Prevention is better than Cure" -
Once cyber attacks occur damage mitigation & data recovery is unlikely
Is your SME Business Data Secure from Cyber Criminals?
Cyber-attacks have had an overwhelming increase in the past year, with a large percent specifically targeting SME businesses.
Once a Cyber Attack has occurred there is often very little mitigation that can be done towards data recovery, with statistics showing 60% of businesses end up closing within 6 months after experiencing a cyber attack. One of the main cyber-attack types that has hit business hard currently is Ransomware.
The meteoric rise of Ransomware attacks in NZ
2016 was the year that cyber criminals discovered New Zealand. A country where small and medium business are the bread and butter of the economy. SME's often have little to no network security as historically firewall appliances have been designed for large enterprise with a price tag to match. Consequently New Zealand saw a rise in Ransomware attacks of 163% over 2016. breaking that down into meaningful numbers, terms that's a massive 108 attacks a day.
What is Ransomware and how does it work?
Ransomware is malicious software that attacks all machines by encrypting all of files, mapped network drives and other resources accessible to your machine, making them inaccessible to users. In addition to locking users out of their files, cyber criminals frequently delete all local backups, shadow copies, restore points and make it impossible for even the best of techs to recover your data.
The cyber-criminal then post a message to your machine demanding a ransom for the files to be unencrypted. The ransoms demanded range from about $400 to tens of thousands depending on how much the criminal thinks they will be able to extort from each of their victims. There is no guarantee that if you pay the ransom the files will be unlocked or that the criminal will even be contactable as reputable email services often delete their accounts once identifying them as a threat.
A new study from IBM and the Ponemon Institute claims 66% of organizations would likely be unable to recover from a cyber-attack
How does Ransomware get onto my network?
Often through seemingly normal or harmless everyday tasks, such as clicking email links or attachments. Genuine looking emails requiring just one click can begin a process that leads to the destruction of your data. In the last 12 months cyber criminals have also been buying advertising space on Facebook and pop up ads on browsers.
"There's a problem with your pc, call this toll free number for assistance" messages draw people in so they actually call the cyber criminals for help. Victims speak to someone in a call centre who "take them through some steps to install a free anti-virus program". Of course what is really happening is that they are looking for ways to steal your personal and financial information or setting up ransomware to extort more money from you.
If you've been attacked by Ransomware, turn off your computer immediately and Contact Acre PC on 07 5525 744
Five things your business should do to prevent attacks
1. Get a security assessment.
Weigh up the cost of implementing a recommended system vs the cost of recovering from a cyber-attack. The team at Acre PC can provide a customer solution that best fits your business requirements. Call us today on 07 552 5744 to book an appointment.
2. Implement an IT policy
Small businesses are often more accommodating than large corporations when it comes to employees checking their personal email or social media on work machines. To protect your business, we recommend that every business lock their machines down to business use only. Acre PC can help you to implement a meaningful IT Policy that can be introduced to existing employees and added to your induction process for new employees.
3. Secure your network and minimize a security breach
The hardware based security solution Checkpoint have been around since the start - they are the company who created the first firewall and VPN solution and they've been leading the way in Network Security ever since.
Now they are producing appliances that cater to the needs of SME business. The appliances work by minimizing the user's ability to infect their devices (laptop, workstation or mobile) and in return keeping all company data safe.
The added bonus is it also keeps the overall IT cost down. Enterprise grade annual antivirus and anti bot software come with each appliance. Contact or Call us on 07 552 5744 to discuss getting your business protected with Check Point.
4. Isolate your server
If you use an on-site server then it should be isolated from the rest of your network. Many small businesses use a workstation as a server as well as a workstation. Opening up an email and clicking on a malicious link on this machine allows the cyber-criminal directly into your data.
5. Heightened awareness
Do not click on ads unless they are from a trusted source. Use strong Passwords. Never share your password. Beware of unsolicited emails.
If your security system is out of date or you've never implemented one, give Acre PC a call - we'll walk you through the steps to keep your business safe in the 21st century.
Your business cannot rely on outdated technology to secure your data. Contact Us to see how we can help you with up-to-date cyber security
Automated Cyber Attacks
In addition to hacking, where an individual or group are actively trying to gain access to steal or damage business data, there are many automated cyber attack systems currently on the internet, and more are being developed every single day. Below are a few definitions of the most common.
A Trojan is a programme that pretends to have desirable features but really contains damaging code. They are usually received through emails, infected web-pages or downloading games, movies and apps. They are dangerous because they can look innocuous (like a routine form) but once opened allow the attacker access to banking information, passwords or personal identity. Unlike viruses (see below) Trojans stay hidden and don’t usually inject themselves into files or reproduce.
Ransomware is computer malware that installs on a device (computer, smartphone, wearable device, etc) and executes an attack demanding a ransom payment to decrypt it or not publish it. Simple ransomware usually locks the system but occasionally IT professionals can find a way to reverse it. Not always though, it depends on the type of attack.
A computer virus is a software programme that once executed can reproduce copies of itself by replicating its source code with little or no user intervention. Typically, a piece of code interferes with how your computer operates by secretly filling up disk or memory space with copies of itself. It also causes damage by deleting or corrupting files. Viruses can be tricky to spot as they can be disguised as games, images, email attachments and website URLs.
Adware is software that tracks your internet browsing habits and sends you popups containing advertisements related to the sites and topics you’ve visited. It can decrease your computer’s processor and internet connection speed. If Adware does not notify you that it is gathering information, it is regarded as malicious.
Bots are programmed scripts to work across the web. A large number of these are malicious, designed to test networks and websites against common security holes. They specialize in finding holes in web code and network weakness, and exploiting them either for financial gain or even simply create chaos. The common website blog system, Wordpress, is particularly vulnerable to bot attacks. For more information on creating websites secure from bot attacks, click here.
For more information on Cyber Attacks and Cyber Security relating to SME Business, read online the government online security information site, Connect Smart