Local Penrith businesses have been told that they are most at risk of being exploited by cyber criminals because they usually lack the IT resources to defend themselves.
Cyber security specialist and Chief Security Officer with Local Area Marketing, Burt Mascareigne, told members of the Penrith Small Business Owners Network that rapidly spreading ransomware attacks use smart, signatureless software that bypasses traditional anti-virus and malware programs, which rely on identifying “signatures” to prevent attacks.
“Recent attacks in Europe against major companies and government infrastructure succeeded mainly because of system flaws, since fixed because those institutions have the resources,” he said.
“Small businesses usually don’t have the IT expertise or even threat knowledge and become easy targets for ransom demands because an attack can shut their business down.”
Mr Mascareigne, who is also a director of cyber security company DropInSecurity, said anyone can go onto the dark web and for $4,000 buy a ransomware kit and become a cybercriminal. “This problem is not going away. It’s going to get a lot worse.”
He said ransomware attacks are usually triggered by someone opening the attachment in a legitimate-looking email appearing to come from a business client, trusted individual or visited website.
“We recently completed a survey of over 1,000 companies to see where most ransomware attacks came from and found approximately 50 per cent were from emails appearing to come either from Australia Post, the ATO and other businesses.
“The other half came from advertising networks that supply ads to popular sites people regularly use like Facebook, YouTube, news sites,” he said.
“Ransomware works by encrypting all your computer files. Then it works out where your backups are, locks those and you’re at the mercy of the cyber criminals,” Mr Mascareigne said.
Use external backups, don't pay ransoms
He said cloud backups via Google Drive, Dropbox and similar services are at risk because they are linked to your computer. He recommended several safe backup options, including using portable drives rotated daily if possible, so any data loss would be limited to that day only.
“Staff education is very important too as innocent actions often trigger data disasters,” Mr Mascareigne said.
He advised businesses against paying ransom demands. “It’s too dangerous for the criminals to continue talking to you. They are hoping you just send them money, usually around $500 in Bitcoin currency. They just take it. There’s no incentive for them to give you the key and risk getting caught. You always lose.”
Mr Mascareigne reminded attendees that all businesses subject to Privacy Act requirements must prepare for the Federal Government's Mandatory Data Breach notification legislation coming into effect from 22 February 2018. This will require businesses to have policies and practices in place protecting client data and notifying the Privacy Commissioner of any breaches. Fines will apply for breaches.
Mr Mascareigne said free anti-ransomware resources including videos, staff training information and tip sheets are available to businesses at www.antiransomwarecampaign.com.au