Australian businesses have been urged to recognise the high level of ransomware threat from cyber adversaries. Scamwatch has received over 3900 scam reports mentioning the coronavirus with over $3.1 million in reported losses since the outbreak of COVID-19. Ransomware acts as a method of extortion, locking a computer’s content and displaying a message requiring victims to pay a ransom in order for them to regain access. The emails delivering ransomware to Australian victims often mirror the branding of trusted and reputable corporations as part of their techniques.
Why are businesses vulnerable now more than ever?
With lockdown restrictions, Australia is relying on the internet more than ever before. Residents are compelled to shop online, while employees have adopted a new way of working, from home. Cybercriminals are using the pandemic to their advantage by preying on the fears and susceptibility of the population. As people begin to use new online services, there is a learning curve as they may be unfamiliar with their privacy settings, leaving themselves unprotected to an attacker. With screen time increasing during the lockdown period, so does the size of information made available to cybercriminals.
How to reduce the cybercrime risk to your company
- Train employees on security measures: it’s essential to implement the right security protocols that mitigate most of the risk. Employee training in this area should be a key priority for business owners. Well-informed workers make it difficult for scammers to gain unauthorized access to networks, files and information.
- Update your company’s operating systems and software regularly: Necessary remote work security practices include two-factor authentication, implementing a zero-trust network strategy and using an operating system that is secure by design. Each employee’s operating systems and software should be updated as frequently as possible.
- Use encryption for sensitive data and information: With the rise in employees working away from the office, communication of sensitive information is frequently occurring through email and phone. Companies should use full-disk encryption to protect computers, tablets, and smartphones of employees, saving a copy of the encryption password in a secure location separate from stored backups. A crucial note is that email recipients typically need the same encryption password in order to decrypt and access the information. You should never send the password or key in the same email as the encrypted document. Instead, give this to employees via a phone call or some other method.
Staying up to date with recent scams
You can access the most recent scams impacting business through the Scamwatch website. Businesses can also sign up to the ACCC’s Small Business Information Network to receive emails about new or updated resources and scams relevant to the small business sector. For more information on what to keep an eye out for and how to prevent cyber security threats, visit this webpage.
Consider your cyber/internet needs the same as if it was your home.
- Keep your ‘keys secure’
- Know where you are vulnerable
- Lock up/security
- Be aware of those around you
- Talk to your family (employees)
There is also personal cyber cover now available, to help personally with your cyber needs.
- Cyber bullying
- Identity theft
Want to know more? Give us a call on (03) 5278 6808