A cyber-attack could cost you over $100,000 - five ways to prevent one
Imagine going to work tomorrow (be it at your office, shop, factory, home study or anywhere else you make a crust) only to discover the locks have been changed and the windows boarded up.
All you see is note on the door that says, "Your business has been seized. If you ever want to see it and everything inside it again, you have three days to pay us a ransom. Otherwise, we'll destroy the lot".
And there's nothing the police or anyone else can do to help.
That may sound dramatic, but it's what happened to over 230,000 computers when the WannaCry ransomeware cyberattack hit 150 countries earlier this month.
Cyberattacks are common and very expensive
While May 12 is now known as 'The day the earth was hacked', it's important to remember that cyberattacks happen every day. And they are crippling not just governments and big corporations, but small businesses too.
Carbonite, a US cloud storage and recovery business that has backed up more than 500 billion files since 2005, reported that:
- 20% of small business owners lose data to hacking each year
- on average, each data hack costs between $100,000 and $400,000.
In other words, it pays to take cyber security seriously.
60% of Australian businesses have been hacked
Australia got lucky with WannaCry. Only 30 businesses were infected. Lucky that is, unless yours was one of those businesses that has had their cyber-locks changed.
Plus, that was just one hack, on one day.
At the CeBIT technology conference in Sydney this week the Australian Federal Police revealed:
- 60% of Australian businesses had suffered a cyber-attack that infiltrated their security and had a tangible impact on their business
- attacks have increased on major Australian institutions in health, finance and transport
- every year, there are over 1000 attacks on critical Australian infrastructure and systems
- cyber-crime costs the world $600 billion every yearand growing.
"It won't happen to me" (infamous last words)
But with all the focus on security and available products that can protect us, why do so many businesses get hacked?
While it's true that some new and sophisticated viruses can't be stopped, many attacks can. The main problem is that most Australian small business owners don't feel compelled to invest time or money boosting their cyber security.
The reasons why are probably best summed up in survey of small business owners on the other side of the world. The UK government's Cyber Streetwise campaign of 2015 was launched because:
- 66% of SMEs didn't consider their business to be vulnerable
- 26% believed only companies that take payments online are at risk of cyber crime
- 22% felt hackers wouldn't bother attacking small companies
- only 16% said improving their cyber security was a priority.
Considering Britain was hardest hit by WannaCry, we can only imagine how many owners of crippled UK businesses wished they'd paid more attention.
How to (help) protect your business from cyber attacks
There are no sure things in life, and that includes cyber security. But there are some simple best-practice things you can do now to dramatically reduce your risk of falling victim to a ransomware attack and many other cyber-attacks.
1. Kick Windows XP to the curb
Yes, it's a logical, easy-to-use Microsoft system (those were the days), but XP no longer being babysat by Microsoft and their security team. In other words, you're on your own and that it puts your business at a huge risk.
WannaCry hackers were only asking for a few hundred dollars in Bitcoins. Next time someone might steal all your data, content, personal information and more.
2. Don't ignore update nags
Yes, it's irritating to have Microsoft pop-up on screen and start nagging you about the latest version of something or other that needs to be installed on your computer. Especially when you're busy doing business.
But you should pay attention to them to make sure that:
- they're really from Microsoft
- anything to do with security vulnerabilities and computer performance is downloaded immediately.
Also, keep an eye on daily app updates that your small business relies on. If you see anything odd, double check with the provider before downloading it.
3. Keep up-to-date with the cyberattack news
The idea of adding cyber security news updates to your list of things to read might not sound like much fun. That said, you definitely won't laughing if an attack gets through, that could have been prevented with a little knowledge about the latest dangers lurking on the web.
In addition to crippling your business, hacking can put your customer's information in the hands of bad people.
4. Educate staff to be your 'Neighbourhood watch'
If you have people working for you, they need to be extra vigilant because every day they're the ones:
- clicking on and in emails from strangers
- updating computers
- visiting different websites
- taking calls from people and businesses
- handling private information for your business and customers.
If they're not aware of a threat or the need to update their computers, they could unknowingly launch an attack on your business.
So make sure they understand how important cyber security is, how easily things can go wrong, and share the information you receive from the news sites.
5. Build a wall and beef up security at your castle
If you are serious about security, you should consider investing in:
- A firewall - to help prevent unauthorised people accessing computers and networks (some computer operating systems, such as Microsoft Windows, come with built-in firewalls).
- A data backup solution - so any information compromised or lost during a breach can easily be recovered from another location.
- Encryption software - to protect sensitive data such as employee records, client/customer information and financial statements.
- Two-step authentication or password-security software - to reduce the likelihood of password cracking (at least for internal logins).
Put together an action plan
If your business is attacked and crippled, the last thing you'll want to be dealing with is panic and mayhem. To help minimise the impact and get things back on track faster:
- create a plan that addresses ways to reduce the risk of cyber-attacks and what to do if it happens share it with suppliers and staff
- consider having an outside expert on-call (especially if it's happened before).
When you're busy managing a business, you have enough on your plate without thinking about the threat of cyber-attacks. Plus, like a major illness or natural disaster, it's difficult to imagine a cyber-attack will ever happen to us. Until it does.
One attack can be so costly for a small business. Even terminal. By making sure you have these security tips in place today, can save you a lot of preventable headaches tomorrow.
Who knows, it could be the best business decision you ever make. Contact your local Snap Centre today.