How to protect your business from ransomware

Ransomware threats, which encrypt critical data and demand ransom, are intensifying and severely disrupting business operations. In Australia, 73 per cent of businesses have fallen victim to cyberattacks in the past five years^[1]. And, as ransomware threats escalate, so do their tactics. This includes the emergence of double extortion ransomware, where cybercriminals, in addition to demanding a ransom, threaten to publish stolen data if their demands are not met. The impact of these attacks is both tangible and widespread. For example, Australian logistics company Henning Harders shut down its cargo tracking systems upon detecting unusual network activity^[2], while Australian law firm HWL Ebsworth fell victim to a Russian-linked ransomware attack that obtained sensitive client information and employee data^[3].

Beyond the immediate financial and operational disruptions, ransomware attacks inflict long-lasting damage on a company’s reputation and trustworthiness. The losses extend far beyond the ransom and include significant time and data losses, impacting the overall credibility of affected organisations. Unfortunately, ransomware attacks are a lucrative business for cybercriminals and it’s time organisations of all sizes faced the threat head on.

Here are some key ways to strengthen your cybersecurity and mitigate the risk of ransomware attacks:

1. Undertake a comprehensive network assessment

A thorough inventory of your company’s network assets is vital, especially those with remote or hybrid work models. This includes a clear understanding of all devices and software used by employees, which will help you identify potential vulnerabilities. Regular audits and updates to this inventory are essential for maintaining network security.

2. Conduct regular system updates

Keeping systems updated typically involves installing security patches released by software vendors. Establishing a routine for checking and applying updates, possibly automating the process, can help ensure that systems are always protected with the latest security measures. By employing a patch management program, you can ensure endpoints are regularly updated, including notifications for devices falling behind.

3. Create a data backup strategy

For Australian businesses, implementing a robust backup strategy is essential. We recommend regular cloud backups. The strategy should be tailored to the unique risks and business continuity requirements of your company, considering factors like the frequency of backups and the type of data being backed up. Testing and verifying backup systems regularly is also crucial to ensure data can be recovered in an emergency.

4. Implement employee training and awareness

Emphasise regular, updated training sessions, including recognising phishing emails and practising safe online behaviours. Given the variation in cyber literacy across different departments, interactive training methods like mock phishing exercises can be particularly effective for your team.

5. Avoid paying ransoms

The Australian Government advises against paying ransoms. Paying does not guarantee the recovery of data and can fund further criminal activities. Australian businesses should have a clear policy and response plan for ransomware incidents, which should include contacting the Australian Cyber Security Hotline on 1300 CYBER1 to report the ransomware attack.

6. Use anti-ransomware solutions

Anti-ransomware software monitors for ransomware-like behaviour and can stop attacks before they cause significant damage. Consulting with cybersecurity experts can help in selecting and configuring the right anti-ransomware solutions for your specific business needs.

Stop ransomware in its tracks

At Techwell, we’ve developed a layered cybersecurity approach to safeguard businesses from the threats of ransomware. Our strategy involves a combination of constant monitoring to detect threats, timely identification and resolution of vulnerabilities, and regular updates to our systems. We also place a strong emphasis on employee training to heighten awareness of potential security threats.

Our suite of services includes managed IT services, cybersecurity solutions, IT security audits, and cloud migration. These offerings are designed to address key areas such as system maintenance, network assessments, and robust data backup strategies, all crucial in establishing a comprehensive defence against ransomware.

For a more detailed understanding of how our services at Techwell can specifically help protect your business from ransomware, contact the team today.

[1] https://www.mcgrathnicol.com/insight/ransomware-on-the-rise/
[2] https://harders.com.au/news/important-shipping-update-32/
[3] https://hwlebsworth.com.au/cyber-incident/