How to protect your company from cyberattacks
The ransomware and data breach landscapes are constantly changing. Further, it is clear that many Australian organisations don’t have the necessary cybersecurity strategies in place to defend themselves, their employees and their customers from the ever-evolving range of cyberattacks affecting companies around the world.
In fact, according to the 2019 Telstra Security Report, one of the top security challenges globally for organisations is the ability to detect and respond in a timely manner to incidents. Telstra’s survey shows about one in four Australian businesses don’t have an incident response plan in place to deal with cyberattacks when they occur.
So how can you ensure your business will successfully detect, mitigate and fight ever-evolving ransomware and data breach attacks? To help you stay protected, the team at ESET has compiled their top tips for defending your company from cybersecurity incidents.
Ransomware: A quick refresher
Let’s start with a quick refresher: What is ransomware and how does it work?
Ransomware is a type of malware that encrypts your hard drives or files and demands a payment, usually in bitcoin, in exchange for a decryption key. Without the decryption key, victims may never regain access to their files.
There are a number of ways ransomware can gain access to a computer.
One of the most common is through phishing — email attachments or links that pose as trustworthy, but once opened, can take over the victim's computer. Other, more sophisticated versions of ransomware, like NotPetya, are able to infect computers without having to trick users into providing access.
Ransomware attacks might feel like a thing of the past — high-profile cases such as the WannaCry and NotPetya ransomware outbreaks were a few months apart in mid-2017, after all. However, while conventional file-based ransomware attacks have generally become easier to contain, there are still many ways cybercriminals can target vulnerable companies and encrypt their data.
It’s important to note here that ransomware and data breaches are different. While traditional ransomware generally blocks access to data until a ransom is paid, data breaches typically only copy data from an organisation for malicious use or financial gain later – from fraudulent job qualifications to identity and financial theft.
Recently, there has been a clear shift from ransomware or file-based cyberattacks to more sophisticated hacking methods and insider attacks on organisations’ networks and data. Data breaches may prove more profitable than ransomware, which can be quite hit-and-miss: it’s never guaranteed that the victim will pay the ransom.
The risks of ransomware and data breaches to business
Both ransomware attacks and data breaches can cause significant damage to a business — from operational interruptions and reputational damage to financial loss and legal ramifications. The average cost of a data breach has risen 12% over the past five years to US$3.92 million, according to IBM’s 2019 Cost of a Data Breach study — and can haunt firms for years after the incident occurs.
Closer to home, Telstra has found that 65% of Australian businesses were interrupted due to a breach last year, while 55% have been fined for breaching the Notifiable Data Breaches Scheme, the General Data Protection Regulation (GDPR) or other similar legislation.
Should you pay the ransomware ransom?
Most law enforcement authorities will recommend you don’t pay the ransom, in order to discourage future attacks. However, while 66% of companies say they would never pay a ransom out of principle, 65% actually do pay the ransom when hacked, according to Trend Micro. And while ransomware attackers keep prices relatively low, there’s no guarantee you’ll get your files back once you’ve paid.
Unfortunately, for a data breach, it’s nearly impossible to get your data back once it’s been stolen. Ultimately, the best way to protect yourself against ransomware and data breaches is to prevent cyberattackers from breaching your security in the first place.
How can you keep your organisation protected?
The best protection against ransomware and data breaches is, of course, prevention. Here are some basic prevention and recovery tips to protect your business data from ransomware and data breaches:
- Regularly train your staff to recognise cyberthreats and how to handle social engineering attacks such as phishing emails.
- Backup your data on a regular basis and keep at least one full backup of your most valuable data off-line. That way you won’t have to pay a ransom!
- Protect your backups with two-factor or multi-factor authentication (2FA, MFA).
- Keep all software, apps and operating systems updated to ensure any vulnerabilities are regularly checked and patched.
- Review firewall settings and close any non-essential ports that could lead to a compromise.
- Check your networks for weak passwords and ensure they are updated and improved.
- Strengthen password access systems wherever possible with 2FA or MFA.
- Use a Virtual Private Network (VPN) for employees accessing company systems remotely.
- Employ strong controls on remote desktop protocol (RDP) and other remote access tools, thoroughly log all such access and enforce more stringent password requirements (including 2FA or MFA if possible) on accounts that can be accessed this way.
- Review rules and policies for traffic between internal company systems and third-party networks.
- Limit shared file and folder access only to those who need it.
- Use a reliable, multi-layered security solution and keep it updated.
The best defence for your data
Your company, customer and employee data is precious, and you have a responsibility to keep it safe and secure. The most effective way to stay secure and compliant is to invest in a quality endpoint technology like ESET’s Secure Business solution that will both strengthen your defence and enable a single-point overview of your network security. Data breaches will continue to increase in frequency and sophistication, but with a strong defence posture, you’ll be able to react immediately and successfully protect your business, employees, and customers from wherever you are.
RFUANZ report: 2024 in review
Soren Low reflects on the achievements of the Radio Frequency Users Association of New Zealand in...
The importance of connected workers in mining digitalisation
Through a digitally connected workforce, mining companies can capitalise on the full benefits of...
2024–25 Thought Leaders: Sandra Wendelken
Sandra Wendelken from Tait Communications discusses the continuing importance of LMR, the push...