INTRODUCTION:
Whilst this is a small business accountants' and advisors' blog and not technology based, I think it is important that business owners be aware of the very real threat of ransomware, which affected one of our clients just in the past week or so. The client's website, which allows subscribers to run diagnostics on data that helps them make better informed decisions with their commodities, was hacked, which rendered the website useless. The hackers then demanded approximately USD 900 to restore the site.
The problems this has caused them in lost productivity, not to mention branding and reputation, and the cost to correct the problem have meant thousands of dollars, and the insurance policy did not cover it! Cash flow has been affected, not to mention other critical key performance indicators.
Ransomware is malware (like a virus) that locks your computer or encrypts your electronic files. These could be a website, photos, videos, documents or spreadsheets. When this occurs you can't retrieve the data unless you pay a ransom, and even then recovery is not guaranteed.
Whilst I stress we are not technology experts, if this happens or you wish to stop this from happening to you, you should immediately contact your IT provider.
As a guide, here are some of the things you should consider doing now to protect your business from this threat, which is happening more and more.
Figure 1: With cyber crime on the rise it could be time to get Batman & Robin back! Scolari Comerford Small Business Accountants Sydney & Dubbo.
1. Do You Pay The Ransom?
Paying the ransom is normally not recommended because of the risk that it might not solve your problem. It also encourages the perpetrators to keep doing it, so don't jump in without seeking proper advice.
2. Backup! Backup! Backup!
You need to review your IT backup operations and procedures. It is usually a good idea to have 2 backups, with one in the cloud and the other on a portable device (thumb drive etc.).
Have you checked your backup procedures recently? I strongly suggest that you do!
Figure 2: Here is an example of what ransomware might look like.
3. Prevention Better Than Cure
Always have reputable antivirus software installed. Where the software offers them, do not switch off the 'heuristic functions', which provide extra security. Be careful when opening emails and attachments from people you do not know.
4. Contact Data Retrieval Experts
Your IT provider will no doubt have contacts who specialise in retrieving and decrypting the affected files. Unfortunately this could cost you thousands of dollars but might give you comfort that you are giving yourself the best chance to get the data back!
5. Purchase Decryption Tools
There are tools that allow you to try to retrieve the information yourself (such as Crypto Sheriff), but be careful, as you might only have one chance to do the operation correctly. This is a cheaper solution, but if it doesn't work you might still have to go down the expert path, which will then cost you even more money!
6. Contact Your IT Provider & Insurance Company!
Again, the best thing to do is to contact your IT provider before doing anything else. Be aware that your insurance policy might not cover any costs to fix the situation, so ask your provider to confirm now whether you are covered. Our client's policy with QBE did not specify one way or the other, and even though it covered computer business disruption, they were informed that hacking in particular was not covered. Insurance companies should be clearer with their policies, so please get clarification.
CONCLUSION:
If you want small business growth, do not expose yourself to these types of threats. It's not only bad for business but will also affect your business valuation as lack of data security will increase business risk and imply sloppiness. Next time you sit down with your small business accountants and IT providers, check that you have security in place.
Never assume you have this under control. You will be very glad you did!