You better watch out…Ransomware is coming to town

As the silly season begins, the risk of ransomware threats and online security breaches increase. CSO Magazine recently reported that Australians are the world’s most susceptible to ransomware threats.

More Aussies than ever are expected to do their Christmas shopping online this year. You’ll be bombarded with Christmas online offers from your favourite retailers. And while purchasing online you’ll readily submit your email addresses, personal and credit card information with a number of online stores, and you’ll probably wait impatiently for a parcel two to arrive in time via Australia Post or courier service. In the mad dash to get your gifts before Christmas day, you may let your guard down making you susceptible to numerous online security breaches including the very serious ransomware threat.

What is a ransomware threat?

Ransomware threats work by sending you an email pretending to be from an entity you believe is legitimate, for example Australia Post emailing you about a package you’re expecting or Office of State Revenue (SDRO) concerning a speed camera fine or even the Australian Tax Office (ATO) regarding this year’s tax return. They’re clever and crafty enough to trick you into clicking on a web page link that results in you infecting your PC. The payload then start encrypting your files and you’ll receive a message requiring you to pay a ransom to get the decryption key to retrieve them.

In most cases, you pay the fee, and files are returned, but your network security has been breached. In worst-case scenarios, you pay their fee, and files are not returned, lost forever, which leaves you to rebuild your network from scratch. I know of many cases where this has happened. In one particular instance a person who was by coincidence expecting a package, was so determined to open the Australia Post email link, he infected four separate PC’s in the office trying.

How to protect yourself against ransomware threats:

Be vigilant with Email

• If you don’t know the person, don’t open the email. • Avoid clicking on web links in email. Better to type it out yourself
• If you do want to click, hover the mouse over the link first and check the underlying link is correct
• Ask yourself, would entities like the SDRO or Australia Post know my email address in the first place?

If you think you have clicked on an infected link make sure you:

1. Turn off your PC immediately
2. Disconnect the backup attached to your PC or network.
3. Call your IT service provider.

As always, make sure you back up your data and change passwords regularly. There are many other ways of reducing the risk and we’re more than happy to help design a strategy to protect your business.