Online Risk Management
We all know having an online presence enables small businesses to expand the reach of our products and services to a wider range of customers however we must be cautious in managing the risks our reliance attracts.
Late one Friday afternoon in 2011 an unemployed truck driver chose a small online business to hack – Distribute.IT. This attack eventually destroyed Distribute.IT’s production data, backups, snapshots and any information the highly competent IT savvy owners attempted to salvage. 30,000 of their clients’ websites were taken offline with some ultimately unrecoverable. Distribute.IT’s owners were eventually forced to sell the remainder of their business, their homes and put ten years of their, once profitable, business behind them because of this apparent random malicious hack.
In 2015 Australia is now the second most targetted country for ransomware cyber-attacks with small business intrusions increasing. With more users consenting to pay ransoms, perhaps because they may lack the expertise to deal with them, Australia is a financially lucrative and attractive market.
A recent alert indicates a type of ransomware is residing in an email offering a free upgrade to Windows 10 which claims to be from Microsoft. This email contains a zip file attachment which, if run, will encrypt files, including word documents and photos, until you pay. Other current cybercrime threats include malware infections, wireless internet misuse, online fraud, phishing, denial of service attacks and cloud computing risks.
Just as we take steps to ensure our premises are secure with the use of locks, security alarms, surveillance cameras or anti-theft devices, so too is protection available for our online environment. Basic precautions include technical countermeasures, such as security patches and antivirus tools, organisational policies directed towards improving the security culture, and increased physical security measures for hardware, infrastructure and data.
For further information and assistance subscribe to updates from the Australian Government’s Stay Smart and/or from Scamwatch. websites and ensure your systems are regularly reviewed.