In recent months, global ransomware attacks such as the WannaCry and Petya outbreaks have caused widespread disruption and losses for businesses and public-sector bodies around the world. Some industry pundits fear they represent just the start of a new wave of targeted cyber crime.
These attacks have highlighted the vulnerable position of Australian businesses when it comes to cyber security, yet many are still failing to undertake urgently required remediation.
Worryingly, a WatchGuard Technologies survey at this year’s CeBIT conference in Sydney found that 23 per cent of Australians feel insufficiently protected against a future ransomware attack and that more than one in three Australians (37 per cent) are uncertain if they are protected at all. Just under half (46 per cent) know of an organisation which has been the victim of a ransomware attack.
Interestingly, the same survey found that more than one in three (37 per cent) don’t know if they have ever been the victim of a ransomware attack, which suggests they may not understand what a ransomware threat is, or may have been a victim without realising it at the time of the attack.
Business owners are understandably focused on the day-to-day challenges of running their business, which may mean they are not paying sufficient attention to cyber security. And many, while they might be aware of the risks, have not considered the impact a ransomware attack could have on their operations. Effects could range from mild inconvenience to a data loss so significant it puts them out of business.
Every business needs to have a clear strategy in place when it comes to cyber security, and formation of that strategy has to start with management. The strategy must take into account the evolving threat environment and clearly outline the steps that will be taken to minimise the risk of attack. More education is required for business leaders as many are still not taking basic steps such as deploying software patches that could significantly reduce their level of risk.
There is also a need for ongoing education of staff around IT best practices. They must be aware of the risks associated with opening emails from unknown parties, visiting suspect websites and installing software from unknown sources.
Indeed, IT security is the responsibility of everyone in a business and all have a part to play in ensuring defences are as robust and effective as possible.
The good news is that there are some critical steps that can be taken to reduce the likelihood of infection. They include:
It’s important for users to be aware of the threats that malware brings. Staff should be educated about phishing attacks and taught to be cautious when downloading files or opening attachments from unfamiliar parties.
Regular backups of critical data are a vital part of any security strategy. In larger organisations, a global share drive can be created in which all important files should be stored. This drive can then be backed up as often as is needed. Copies of backups should also be kept offline as an additional layer of protection.
Defence in depth
In a complex IT infrastructure, there should be multiple layers of security designed to stop attacks. While no single defence can protect completely, creating a defence in depth strategy will ensure systems and data are as secure as they can be.
It’s only a matter of time before self-spreading ransomware – or ransomworms – begins to wreak havoc. By taking a comprehensive and multi-layered approach to security, businesses of any size can reduce the likelihood they will fall victim to malware attacks and avoid the disruptive and potentially costly problems they can cause.
David Higgins, ANZ Regional Director, WatchGuard Technologies