Ransomware is a huge problem for businesses across the world, and Australia’s no exception. Below, we
break down everything you should know about this emerging threat, and how to keep your data safe.

Ransomware attack trends

Ransomware is a type of malware hackers use to scramble your files or lock you out of your computer. The
hacker demands a ransom in exchange for “unscrambling” your data or unlocking your device.
But is ransomware really a problem for Australian businesses? Yes – here’s why.

• Attacks are on the rise – reports show that 67% of Australian businesses faced a ransomware attack
  this year.
• Unsurprisingly, then, ransomware is one of the top causes of data breaches in Australia.
• Australian firms take, on average, 140 hours to identify a security incident. This is higher than the
  global average.

The takeaway? Ransomware’s on the rise, and businesses must be more prepared.

How much ransomware costs Australian businesses

While the costs of a ransomware attack vary from business to business, here are two key statistics you
should know.

• The average ransom paid by an Australian company of any size stands at $1.25 million.
• Even if you don’t pay the ransom, you could face up to 16 days’ downtime. This is really worrying,
  since downtime alone costs around $2000 an hour.

It’s not just about financial costs, either. It’s about your reputation. If clients don’t trust you with their data,
you could lose business in the long run.

Assessing your business risk

Every business is vulnerable to a ransomware attack, but some companies are more vulnerable than
others. Here’s when you might be at a higher risk.

• You handle sensitive data, e.g. you’re a law firm or finance company.
• You’ve paid a ransom before – hackers might think you’re an easy target.
• Employees can work remotely or they use unauthorised devices to access company data.
• There’s no employee cyber security policy in place.
• You don’t have a cyber security incident response plan.

Even if these risk factors don’t apply to you, remember – you’re still at risk.

Preventing Ransomware Attacks

Okay, so how do you prevent ransomware attacks from damaging your business? Well, here are four steps
you can take right now.

1) Use Endpoint Protection

Scan all emails with up-to-date anti-malware and antivirus-software. And, always ensure you keep firewalls
and other network monitoring tools switched on.

Ultimately, an endpoint detection and response (EDR) strategy is your first line of defence against
ransomware.

2) Ignore Links

It sounds simple, but it’s worth emphasising: unless you’re expecting an email from someone, don’t click
any links or open any attachments. If you’re suspicious, don’t click on anything until you verify that the
sender is who they claim to be.

3) Provide Staff Training

Ensure that employees know how to spot ransomware attacks and what they should do to protect critical
data. For example, make sure they don’t leave passwords or sensitive data lying around, and encourage
them to back up data regularly.

4) Backup Important Data

Backup data regularly and store it offsite in the cloud. This way, you won’t feel compelled to
pay the ransom, because you have copies of critical data stored away somewhere safe.

Takeaway

It’s impossible to protect your business from every cyber threat. Still, you can improve your cyber security
posture and reduce the risk of a costly security incident with some careful planning.

To find out more, contact Intrix Cyber Security today.