• trustworthy
  • expert
  • professional

Is your business cyber-attack protected?

Is your business cyber-attack resistant?

Cyber security is vital for business – here’s why

A call from your IT provider on a Saturday night to advise of a successful cyber-attack is one of a business owner’s worst nightmares.

The thought of data being compromised is a threat to any business. For one Perth business falling victim to a cyber-attack became a reality last month.

Thankfully we have permission to share their story, insights and lessons learned from the experience.

RobinHood ransomware attack – what happened?

One of two servers was successfully attacked and as a result both server information and the back-up were encrypted.

An encryption expert reviewed the code and stated the code was ‘RobinHood’, one of the most malicious ransomware used by cyber-attackers with criminal intent.

According to our source there had been six unsuccessful attacks on the business servers leading up to this attack.

The reason the cyber-attack was successful was because of an old administrator password that should have been cancelled.

Cyber-attack ransom – pay or not?

Ideally a business, will have current and secure systems in place to avoid a cyber-attack however in reality sometimes these measures fail.

Attackers demanded US3500 in bitcoin.

Business owners considered all options. What would you do in this situation?

Payment was made for an encryption code but it didn’t work, and attackers demanded more money.

At this point business owners agreed that unless they declined to pay any more money the cyber-attackers would simply keep dragging them along. A clear message of ‘no’ was communicated and thankfully attackers gave a correct encryption code.

The downside was the code only unlocked one file at a time which meant the process to unlock information and retrieve all information took more than three days.

Lessons learnt from a cyber-attack on a small business

In hindsight the business reviewed computer protection levels and server security procedures. Lessons included;

  • all computers must have the latest software. This includes machines that sit at the front desk that may not be used often
  • business computers should only have trusted, and secure programs installed on them
  • always have a three-monthly review provided by your IT provider including a written report
  • turn off office computers at the end of every workday
  • consider installing additional virus protection on business computers

Apparently, a week after this cyber-attack, there was a $1million ransomware attack on a big Aussie brewer.

As a result of the attack this Perth business is moving to 100 per cent cloud storage, doing away with server storage and backups and engaging an independent IT firm to review processes.

A timely warning from one of the business owners, ‘we just cannot be careful enough, cyber-security requires constant monitoring.’

We hope this information has been useful and will perhaps prompt you to review your IT and cyber-security processes.

Published 17 July 2020

This entry was posted in , .
Meet the CVW Accounting team

ABOUT US

CVW Accounting is a reasonable, highly experienced accounting firm, based in East Perth. We work with small to medium businesses to maximise growth and profit.

More about CVW Accounting
Find out more about what we do at CVW Accounting

OUR SERVICES

We agree on your accounting fee before we start work. Let CVW Accounting keep you on top of all your financial reporting, obligations and taxation requirements.

More about CVW Accounting
Director Penalty Notice letter

Latest News

  The ATO has started issuing director penalty notice letters to Directors in order to inform them of potential personal liability for unpaid company taxes. If you have received a letter, CVW Accounting advise you contact your accountant. Why have… Continue reading →

More about CVW Accounting