Posted on: September 22, 2020
Is COVID-19 cybercrime threatening your business?
Australian businesses have been urged to recognise the significant level of ransomware threat from cyber adversaries. Scamwatch has received over 3900 scam reports mentioning the coronavirus with over $3.1 million in reported losses since the outbreak of COVID-19. Ransomware acts as a method of extortion, locking a computer’s content and displaying a message requiring victims to pay a ransom in order for them to regain access. The emails delivering ransomware to Australian victims often mirror the branding of trusted and reputable corporations as part of their techniques.
Why are businesses vulnerable now more than ever?
With lockdown restrictions, Australians are relying on the internet more than ever before. Residents are compelled to shop online, while employees have adopted a new way of working, from home. Cybercriminals are using the pandemic to their advantage by preying on the fears and susceptibility of the population. As people begin to use new online services, there is a learning curve as they may be unfamiliar with their privacy settings, leaving themselves unprotected to an attacker. With screen time increasing during the lockdown period, so does the size of information available to cybercriminals.
How to reduce the cybercrime risk to your company
- Train your employees on security measures: It’s essential to implement the right security protocols that mitigate most of the risk. Employee training in this area should be a key priority for business owners. Well-informed workers make it difficult for scammers to gain unauthorised access to networks, files and information.
- Update your company’s operating systems and software regularly: Necessary remote work security practices include two-factor authentication, implementing a zero-trust network strategy and using an operating system that is secure by design. Each employee’s operating systems and software should be updated as frequently as possible.
- Use encryption for sensitive data and information: With the rise in employees working away from the office, communication of sensitive information is frequently occurring through email and phone. Companies should use full-disk encryption to protect computers, tablets, and smartphones of employees, saving a copy of the encryption password in a secure location separate from stored backups. A crucial note is that email recipients typically need the same encryption password in order to decrypt and access the information. You should never send the password or key in the same email as the encrypted document. Instead, give this to employees via a phone call or some other method.
Staying up to date with recent scams
You can access the most recent scams impacting business through the Scamwatch website. Businesses can also sign up to the ACCC’s Small Business Information Network to receive emails about new or updated resources and scams relevant to the small business sector. Find out more about how you can keep an eye out for and prevent cyber security threats here.
Cyber insurance
Cyber liability insurance acts as a safety net for when the unexpected may occur. Cyber insurance is designed to cover a range of risks such as business interruption due to security breaches or even data loss and restoration. At GIA, we can discuss your situation and advise you on what kind of cyber insurance solution might be right for your business.
Call GIA Insurance Brokers on (08) 8532 3093 for a free, no obligation chat or quote.