Think before you click – the increase of ransomware

We have recently become aware of a few unfortunate cases of ransomware, where users’ data is taken at ransom due simply by clicking a link and opening a malicious attachment from an unsuspecting website. Whilst it shares some similarities to some types of malware including trojan horses and phishing, it requires the individual or organisation pays money to overseas organisations to release the information, often with limited or no success.

Unfortunately, due to the complicated nature of this software, it is very difficult and expensive to recover the information as it is encrypted using various technologies available to most organisations.

Australia has taken up some ways to assist in addressing cybercrime, with the Australian Government recently announcing Australian Cybercrime Online Reporting Network (ACORN) (link opens in new window) which allows you to securely report cybercrime incidents which may be in breach of Australian law.

Further, the Australian Communications and Media Authority (ACMA) has developed an online portal known as the Australian Internet Security Initiative (AISI) (link opens in new window) by addressing compromised computers by working with internet service providers.

To ensure you remain protected, we recommend that you:

  • Do not open files from people that you do not identify with or not expecting files from.
  • Maintain adequate internet security software and ensure updates are applied.
  • Perform regular backups of your critical information, and store copies offsite on portable hard disk drives.
  • Be wary of those who contact you, especially from organisations that you do not purchase from.
  • Create a secondary email address that is provided to those who you are unfamiliar with (such as sales and advertising organisations).

If we can assist you in any way, please feel free to contact us to engage CyberGuru’s computer solutions to assist in the implementation of the above recommendations. We can also provide security awareness training to staff to become aware of what constitutes a malicious email and to prevent instances of ransom ware in your organisation.