Ransomware is sticking around but is your business ready to face the threat?

While ransomware has been around since 1989, its threat level has skyrocketed in the last five years. All businesses are at risk, including accounting firms. But it is possible to reduce this risk by being proactive about protection and IT security.

What is ransomware?
We know we should fear a ransomware attack, but if you’re not familiar with the world of cybersecurity, you may not fully understand what it is.

Ransomware is a type of malware (which is short for ‘malicious software’). Malware covers any type of program that is designed to cause harm to someone’s computer. There are many types of malware, such as worms, trojans, and spyware. Ransomware covers the types of malware that encrypt your files and then demand money in exchange for access to them.

Ransomware has been around for a long time, but its current form originated in 2013 with CryptoLocker.

The start of modern ransomware
When CryptoLocker hit the world, it attacked over half a million computers. It encrypted the files of computers running Windows and then displayed a ransom demand. In Australia, it appeared to users in the form of fake Energy Australia emails that contained a link to their ‘bill’.

Five years later came the aptly named WannaCry ransomware attack, starting in Europe. Then four days later, it was detected in 116 countries. What made this attack so prevalent is that many people hadn’t installed the patch that Microsoft released to protect them.

Locking the ransomware door
In most cases of ransomware, a click on the wrong email is all it takes to let it in. Other times, it’s a back door through software on your computer. Understanding how it attacks is how we know what measures to take to prevent it, so you can keep your firm and your clients safe and secure.

Protection happens on two levels: people and data.

Australia recently brought in the Notifiable Data Breaches Scheme, and in that time, 63 businesses have reported breaches. 50% of those breaches were due to human error. This means that your staff are a major risk to your IT security, but that also means it’s something you can change. You need to:

– ensure your policies and procedures around best cyber security practices are up-to-date and easy to access.
– provide regular training for your staff on IT security, either face-to-face or online.
– keep your staff updated on the latest ransomware warnings and other cyber threats through a regular email newsletter or on your company’s intranet.

Your accounting firm handles some of the most sensitive data your clients have: their financials. But any breach to their data is unacceptable, so you need to make sure that you:

– keep your software updated as soon as a new patch is release. As we mentioned earlier, the CryptoLocker tide could have been slowed if people had installed the patch that came out.
– make sure you have the right antivirus and malware scanning software, so you can deal with threats before they become serious.
– back up your data regularly, because no matter how much you protect yourself, it means nothing if you can’t restart after disaster strikes.

The cloud solution
If you really want to feel secure, moving your systems into the cloud is your best defence against the cybercriminal world. Our cloud platform OneSpace was designed with accounting firms in mind. Not only does it integrate with most accounting softwares, it has three tiers of security (it’s hard to be more secure than that). And if somehow you get locked down by ransomware, we can get you back up in running in minutes, not days.

So take a look at your firm: are you confident that you could face the ransomware monster and live to tell the tale?

If you’re an accounting firm that cares about security and is looking to migrate to the cloud quickly and easily, contact us today at onespace@byte.com.au or give us a call at +61 3 9828 9999.