Cyber security is in the news again.
Unfortunately, many businesses large and small around the world have been targeted yet again by cyber criminals, who are demanding a ransom be paid to unlock encrypted files on servers.
This particular ransomware outbreak looks to be as big as the WannaCry story that broke in the news recently. These attacks have such an impact that they affect the public and make it into the mainstream media.
Don’t ever assume that it’s only the big corporations that are the target of attack. Cyber criminals are not fussy. They’ll take money from anyone naïve enough to pay them a ransom.
At Wiser Connections we advise that you do not pay ransom to cyber criminals. There is no guarantee that you will have all of your data restored, and it is quite likely that they will leave a little back door open somewhere in your systems to come back and attack you again at a later time.
So, if you haven’t got the message yet, you must protect yourself from these attacks!
Here are a few simple and practical steps you should take:
- Be prepared
You must be ready to recover from a disaster and able to restore all your data when you’re attacked.Note that’s ‘when’ not ‘if’.
Regularly back up ALL your data.And test that you can restore from the backups.
How often you backup is up to you. Just remember that the longer you leave it between backups, the longer the gap back to the last un-corrupted version of your files if you have to use a backup to recover from.
For small businesses, we recommend that you have information backed up onto devices that can be unplugged and taken off site. This is referred to as an ‘air-gap’, ensuring your backup data is not able to be accessed from your network. For a small business that can be as simple as an external hard-drive that you take home from the office every night. These cost as little as $77 from Officeworks.
- Defence is vital
Some basic steps to try to prevent attacks are:
- Be aware and vigilant. Prevention is the best form of defence. Keep all your employees aware of all the possible threats and to never let your guard down.
- Keep your systems up to date. The latestattack and the recent WannaCry attack both exploited vulnerabilities in the Microsoft operating system which is used on servers. All that’s needed to prevent this attack is applying the latest patch provided (for free) by Microsoft.
- Anti-virus software. Insist good quality anti-virus software be installed on every device that connects into your business or organisation’s computer network. Software such as Kaspersky Anti-Virus is worth the investment, as its databases are constantly being updated to prevent the latest threats.
- Protect your borders. You must ensure any information you provide access to from outside your business or organisation is in a separate, protected network. For example, your website must be hosted by an external provider or in a DMZ (de-militarised zone) with firewalls blocking unauthorised access.
- Penetration testing. Engage a good, reliable supplier (refer to our approved supplier list) to test how well you are protecting your valuable information, by testing how easy it is to penetrate the defences. Be sure implement all the improvements they suggest!
- Recover from attack
When you’re attacked it’s important to respond appropriately. Note we're saying ‘when’ not ‘if’ you are attacked, as it is almost impossible to avoid attack in today’s connected world!
Recovering from attack can take days, and you may never fully recover all of your information if you haven’t been disciplined with backups.
The first thing to do if you think you’re computer’s been hacked is to unplug its network cable. Immediately tell everyone in your business that there’s a suspected problem, to try to limit the reach of the virus.
Do not try to fix the problem yourself! Ask a professional for help to detect, disinfect and restore from backup (refer to our approved supplier list).
Tell us your stories!
What horror stories about hacking attacks have you heard about or been involved with?
The more we are all aware of what can go wrong, the better chance we have of mitigating the risks!
Wiser Connections is here to help
Our consultants have many years’ experience in the industry and we are here to help. We pride ourselves on being able to find appropriate solutions for your issues, whilst remaining fiercely independent of other information technology providers.
Please contact us today to discuss how Wiser Connections can assist your business.
Read more in this article from renowned cyber security protection company Kaspersky: https://blog.kaspersky.com/new-ransomware-epidemics/17314/