In recent weeks, we’ve seen various countries across the world affected by major cyber attacks involving ransomware. The ransomware, believed to be a malicious computer virus known as Petya, has wreaked havoc on more than 200,000 organizations in over 150 countries – including companies, universities, government agencies and hospitals across Britain, Spain, Portugal, Russia and Ukraine.
Earlier this month, Mikko Hypponen, chief research officer at Helsinki-based cybersecurity company F-Secure, called the series of attacks "the biggest ransomware outbreak in history."
Now, this global ransomware attack has hit Australia, disrupting the operations of a number of Australian businesses – including the Cadbury chocolate factory in Hobart.
With companies worldwide scrambling to recover from corporate chaos, Australian business owners and leaders are no doubt worried about how ransomware could affect their own organisation. If you’re in this position, it’s important to understand how this form of cyber threat works and think about how you can protect your business, well before anything goes wrong.
Being prepared, and taking precautions against the risk of ransomware, will help you minimise the threat of cyber attacks on your company. Here’s what you need to know about ransomware, how it works, and steps you can take to protect your organisation.
Ransomware, such as the Petya virus, is a type of malicious software that has the ability to freeze or shut down computers – from an individual’s personal laptop computer, to the servers of a whole organisation.
You might be wondering how your computer can become infected with a virus like this? Well, to gain access to a company’s system, the malware virus needs to be downloaded onto a device within the network. To make this happen, the virus is generally hidden in an email, in the form of a link or attachment, that can be clicked on and opened by unknowing employees. When the link or attachment is accidentally opened, the virus is immediately downloaded to the system, freezing computers, taking out servers and locking up company files.
Once this has happened, hackers and cyber criminals have a way to extort money from companies or individuals. After gaining control of a system, they demand a ransom in return for decrypting the virus and unlocking computers. Pretty scary stuff, right?
The past month has shown us that it’s critical for business owners to pay serious attention to cyber security and the risk of ransomware attacks.
As the internet and the real world have become increasingly intertwined, our businesses and lives have become increasingly vulnerable to cyber criminals. Any company or organisation that depends on daily access to important data for business operations – and can’t afford to have those operations disrupted – should be worried about ransomware.
It's not only large multinational corporations, government agencies and big business that are at threat of cyber attacks. As individuals, we are also at risk of being targeted. So even if you’re not a business owner, or CEO, read on for some important tips for protecting yourself against ransomware.
One of the best defenses against ransomware is to back up important data daily. This way, even if your company's computers and servers do get hacked and locked, you can't be forced to pay for access to important business data.
The director of the Australian Centre for Cyber Security at UNSW, Professor Jill Slay, recommends companies “update all Windows systems if not updated and make sure all critical files are backed up.”
"Just be really careful to back up, update Windows and applications, do not open unexpected attachments to emails – this is what we should be doing anyway – and install antivirus software if you do not have it already," Slay advises.
Jason Tanz, site director at Wired, agrees and recommends backing up your files remotely, or to the cloud.
“Make sure you're backing up your files every day, and that means on a hard drive that is not connected to the internet," Tanz says. Because ransomware is only an effective threat when there’s no other record of the files being held for ransom. As Tanz says, “if you have all your files backed up, it leaves those using ransomware against you without any power whatsoever."
Removing this power is an important step in reducing the threat of ransomware. As well as backing up data, help employees to be aware of the risks of opening suspicious emails, and clicking on links and attachments within emails. Be particularly wary of compressed or ZIP files, as these attachments are often used to hide malware viruses. And always install software updates as soon as they are available. Antivirus programs can also go a long way in stopping ransomware from being downloaded onto computers.
By taking these precautions, you can protect yourself and your business from malicious ransomware and the risk of cyber attack. Being prepared, and taking proactive steps for increased cyber security, really is your best line of defense.