What to do if your business is affected by a cyber-attack?

Wednesday 24 October, 2018 | By: SureBridge IT

According to the Australian Small Business and Family Enterprise Ombudsman, cybercrime is costing the Australian economy more than $1 billion each year.

Even in 2017, 22% of small businesses that were breached by the Ransomware attacks were so affected they could not continue operating.

This is a staggering statistic, especially when some businesses rely solely on pre-packaged antivirus software to protect their business’ data.

No business is too small to worry about cybersecurity where either outcome could result in your data is compromised or your customers’ data is compromised.

 

1. Immediately stop further infection

When you feel an attack has occurred, or a computer has been compromised to an attack, you need to stop the infection from spreading.

You can do this by quarantining that computer or device by removing it from the network. Pull out the network cable from the computer or turn off the device’s wireless connection to ensure access is cut off. 

The damage could already be done but at least you’ve minimised the chance of further attacks.

 

2.Eliminate the threat

This action needs to occur as soon as an attack or breach has occurred. Depending on your business’ IT setup and infrastructure, contact your IT administrator and notify them of the situation at hand. They will be best suited to eliminate the attack vector and determine if it is still within network perimeter

From there, they should be able to determine how the attack occurred and subsequently what information was breached.  

 

3. Notify

Breaches should be reported to your internal staff immediately, with details of how it happened. From here, you need to take steps to further identify the behaviour that caused the incident and keep the machine or device quarantined until advised by a professional.

You can also report cyber incidents through the Australian Government channels below. Doing so will alert authorities to the incident so that its effects can be minimised and investigated to attempt to catch the attacker can be made. These channels also provide advice to help people recognise and avoid common types of cybercrime: 

•Computer Emergency Response Team (CERT) https://www.cert.gov.au/ 

•Australian Cybercrime Online Reporting Network (ACORN) https://www.acorn.gov.au  

However depending on your business, customers and type of data breached, you may need to do some further reporting.

From 22 February, all businesses with a turnover greater than $3 million which have a significant data breach are required to inform all concerned parties, and to inform the Office of the Australian Information Commissioner. In the event of unauthorised access, disclosure or loss of personal information that could be seriously compromising to the person or people it relates to, it must be reported via https://www.oaic.gov.au/ 

 

At this point, it is recommended to consult a lawyer and your IT provider for assistance. If you don’t have sophisticated event logging systems overseeing your network, then this process will be time-consuming and costly.  You will need to go through this exercise as the changes to the Privacy Act mandate that not only do you have to report the breach to OAIC but if likely to cause harm, you need to issue a public statement.  

 

4. Assess the damage and recover your data

This step is crucial to determine the depth of the breach’s effect on your business, the ability to recover and affect the likelihood of future breaches.

When a breach does occur, most businesses don’t have the measures in place to recover lost or compromised date because they haven’t taken the time to plan the repercussions with a potential breach. 

The best way to ensure you can recover data is consistent and timely backups of data. Restoring recent backups can allow you to recover lost of compromised files and damaged systems.  However, conducting the backups is only half the job done. You need to test the quality of the backups stored, in case they too are corrupted. 

 

5. Review your processes

You need to review the incident internally, determine how it happened and what reasonable steps to take to ensure it doesn’t happen again.

Some of these steps can be relatively easy to complete. For example, some of these steps can include (but not limited to):

  • Backup regularly
  • Patch applications and run security updates and scans
  • Protect devices and accounts with complex, limited time passwords with multi-factor authentication
  • Protect systems by limiting application control and limit administrative accounts

According to the Australian Cyber Security Security, the essential eight mitigations strategies as a baseline include:

  • application whitelisting – to control the execution of unauthorised software
  • patching applications – to remediate known security vulnerabilities
  • configuring Microsoft Office macro settings – to block untrusted macros
  • application hardening – to protect against vulnerable functionality
  • restricting administrative privileges – to limit powerful access to systems
  • patching operating systems – to remediate known security vulnerabilities
  • multi-factor authentication – to protect against risky activities
  • daily backups – to maintain the availability of critical data.

It is recommended to talk to your IT provider to determine a SIEM solution which can further add to your business’ cybersecurity.

With legislation that increases the liability of small businesses in the event of a data breach, you need to know what to do when a data breach happens. Small business in Australia is the target of 43% of all cybercrimes and we need to be prepared.

Don't forget to register for the Cyber Security Webinar - 25 Oct 12:00pm AEST

Post your comment

Comments

  • StevCark 29/09/2019 2:20am (24 days ago)

    Kamagra Gel Forum Que Espatente De Propecia <a href=http://ciali20mg.com>cialis without a doctor's prescription</a> Keflex For Cellulitis Cialis Billiger Geworden Propecia Cost Brand

  • AustPax 18/07/2019 10:36am (3 months ago)

    Cephalexin And Penicillin Allergies <a href=http://cialisong.com>canadian cialis</a> Zithromax In Children What Is Keflex Sulfa

  • Ellthanty 10/07/2019 2:02pm (3 months ago)

    Il Viagra Fa Male Al Fegato Buy Buspar Cheap <a href=http://allngos.com></a> Otc Permethrin Otc Canadian Pharmacy That Takes Paypal

  • AustPax 01/07/2019 9:35am (4 months ago)

    Buy Generic Prednisone Online Wat Is Kamagra Viagra Vendita In Italia <a href=http://yafoc.com>propecia precio laboratorio</a> Cialis Online Generico

  • Ellthanty 28/06/2019 11:46am (4 months ago)

    Coumadin Levitra Orosolubile Italia Synthroid Overnight Delivery [url=http://addrall.com]xenical donde compro online usa[/url] Can I Get Cialis Without A Perscription Ordonnance Cialis Viagra Keflex With Doxycycline Together

  • Ellthanty 18/06/2019 10:56pm (4 months ago)

    Doxycycline No Pres Online.Rs Generico Levitra Online Italia <a href=http://vhsfp.com>generic viagra</a> Canada Pharmach Amoxicillian Olanzapine For Sale From Canada Cialis generika 20mg kaufen

  • Ellthanty 02/06/2019 9:06pm (5 months ago)

    Compra Finasteride Propecia Zithromax 2 Pills <a href=http://cheapvia25mg.com>viagra prescription</a> Order Cipro Online Viagra Online Pharmacy Reviews

  • <a href="https://gta5apk.biz/">Download GTA 5 APk FREE for pc mobile</a> 26/02/2019 10:34pm (8 months ago)

    Grand Theft Auto V is an action-adventure video game developed by Rockstar North and ...... "'GTA 5' Costs $265 Million To Develop And Market

  • kesejiya 29/12/2018 7:06pm (10 months ago)

    Excellent insight of what could happen thanks for sharing...

  • plusapk 05/11/2018 7:27pm (12 months ago)

    thanks for sharing......

RSS feed for comments on this page | RSS feed for all comments