In an effort to increase cybersecurity awareness, the Australian Cyber Security Centre (ACSC) has launched a new campaign to assist in strengthening our defences, with the initial focus being on “Ransomware”.These type of online attacks are not something new, but as cybercriminals continue to take advantage of employees working from home, today’s blog post provides an overview of ransomware and strategies your business can implement to stay safe.

What is ransomware?

As explained by the ACSC at cyber.gov.au, “Ransomware is a type of malicious software (malware). When it gets into your device, it makes your computer or its files unusable.”

The idea is that your files will remain that way until a sum of money is transferred to the attackers nominated bank account, temporarily holding your files for ransom. Although we say “temporarily”, there is no assurance that you will ever get your files back, which is why you are encouraged to report these attacks, and withhold from transferring the criminals any money.

For more information on how ransomware works, check out this video from the ACSC which explains ransomware in 2 minutes.

What do I need to be aware of so that I don’t fall victim?

Ransomware is most often distributed in one of 2 ways:

1. Through email attachments containing viruses
2. Through malicious links accessible via email, online advertisements or social media

In either case, it can be difficult to identify a scam, so the most important thing is to be cautious of any communications you may receive. The ACSC provides several pieces of advice in case you receive any suspicious emails including: don’t open messages if you don’t know the sender; be suspicious of messages that aren’t addressed to you and; think carefully before clicking on links or attachments.

Protecting yourself and securing your devices

In addition to being wary, there are ways to safeguard your system against ransomware attacks including by:

• Setting up and performing regular backups (e.g. save data to an external storage device and to the cloud)
• Updating your device and turn on automatic updates (e.g. security and software updates)
• Ensuring you are using two factor authentication for all accounts (e.g. email, social media, messaging apps)
• Implementing access controls (e.g. restrict administrator privileges, don’t share login details)
• Enabling ransomware protection (enable this type of protection through your Operating System).

Like many online threats, ransomware attacks can be irreversible. Luckily, you can prevent them from occurring by ensuring that your devices are secure, that you remain vigilant at all times and regularly back up your files. If you do however, fall victim to a ransomware or any type of online attack, remember to report it to the ACSC straight away, so that they can alert others and provide assistance in resolving the issue.

Have a question, comment or idea for a future blog post? Email us at blog@afilias.com.au today.