Search
Get In Touch

Don't Get Held Hostage: What to do in the event of a Ransomware attack!

82% of ransomware attacks are aimed at small businesses.
A ransomware attack costs $300,000 on average.
60% of SMEs fold within six months of an attack.

An end-of-year survey of over 300 technology and security decision-makers revealed that around 72% had succumbed to ransomware attacks in the last six months alone!

Unfortunately, if you are an SME in Australia right now, ransomware attacks are more of a when than an if. Apart from the financial loss, they can also hurt your reputation, making it challenging to regain customer trust and recover your business.

Incremental Backups

Data Backups

Step #1 Regularly back up your important data to external storage devices or to a private cloud.

Step #2 Verify that the backups work

Step #3 Keep backups separate from your primary network to protect them during an attack.

Laptop data backup to external hard drive
POV (point of view) of a person changing new password on a tablet portable device. Cyber security concept.

Access Control

Step #1 Use different account types, such as standard and administrator accounts, so no employee has full access privileges.

Step #2 Use standard accounts for everyday activities, as they are less vulnerable to ransomware attacks.

Step #3 Set strong, unique passwords for each account.

Step #4 Enable multi-factor authentication (MFA) on critical services like email and remote access. MFA requires a combination of something you know (like a password), something you have (like a token), and something you are (like a fingerprint).

Security software

Step #1 Install and regularly update antivirus software on all devices.

Step #2 Enable specific ransomware protection features in your antivirus software, such as ‘controlled folder access’ in Windows.

Step #3 Train your team to look for fake antivirus alerts and only click on legitimate warnings from the installed system.

Man installing software update on device

Case Study: Tollison Logistics Ransomware Attack (2021)

Attack: A phishing email tricked an employee into providing their login credentials. Attackers used this access to move through Tollison’s systems, eventually deploying ransomware that encrypted critical files and disrupted operations

Consequences:

Operational Shutdown: Shipping systems went offline, causing widespread delays and impacting their ability to fulfil orders.

Data Exposure: Customer data was leaked online, including shipment information and potentially financial details.

Costly Recovery: Tollison had to engage forensics specialists, rebuild systems from scratch, and potentially pay for customer data recovery.

Long-Term Reputational Damage: The attack remains associated with the company, potentially impacting customer trust.

How to respond to a ransomware attack

Despite your best efforts, you may still find yourself at the receiving end of an attack. The key point to remember is—Do not pay the ransom! There is no guarantee of regaining access to your systems, nor will the ransom prevent your data from being leaked or sold online. More attackers may also target you.

Turn off impacted devices and servers

innovation-improvement-icon-1

Disconnect other networked devices, such as Network-Attached Storage (NAS) devices, computers, servers, or tablets, that store valuable information.

Change all your passwords

leadership-icon

This includes cloud passwords, email, bank and business accounts.

Check your data backups

trust-icon-2

Make sure any impacted files are not impacted.

Record essential details

innovation-improvement-icon-1

This could include anything from impacted files, data lost, ransom notes, etc.

Report the incident

leadership-icon

At the first possible opportunity, report the incident to the ACSC through ReportCyber.

Call in the professionals

trust-icon-2

Call in the professionals to remove the ransomware and restore your systems. Avoid restoring systems yourself, as doing so could spread hidden ransomware further and cause more damage.

Conclusion

Ransomware is a serious threat, but that doesn’t mean you have to be a victim! With smart planning, education and quick action to respond and limit damage, you can protect your business and bounce back if the worst happens.

Customer Stories

Platatac logo

Platypus Outdoor Group

Platypus Outdoor Group is a Melbourne-based company that offers military, law enforcement, and emergency responder footwear, clothing and field gear for public and government purchase.

LEAP Strategies joined forces with Platypus in 2001 to implement and manage their technology solutions. Since the partnership began, LEAP has built a trusted relationship with Platypus through successfully establishing and maintaining their servers, network and security. Security is paramount due to their direct dealings with law enforcement and military forces in Australia and worldwide.

Bob Stewart: Our family serving you since 1925

Bob Stewart – A Spotlight on Success

Third generation family business, Bob Stewart is a hallmark retailer in the world of school uniforms around Australia.

Partner centric in our approach, LEAP Strategies has collaborated with Bob Stewart for 15 years, adapting technology solutions to suit evolving business needs.

Let’s Start the Conversation.

Transform your tech landscape with LEAP Strategies.

Reach out to discuss our innovative solutions