Latest News

According to a recent cybersecurity report, at least seven other companies in Australia are among those affected by the JBS Meat ransomware attack. The cybercriminal group REvil acknowledged responsibility and went ahead to post a list of other affected companies.

The list includes:

• A mental health organisation
• A consultancy agency
• An accounting practice
• A legal practice
• A liquor group collective
• An online retailer
• A chemical packaging entity

The ransomware that facilitated the attack on these organisations was reportedly created by the ransomware-as-a-service provider known as Pinchy Spider. In the current digitized environment, cybercriminals are enjoying a great time, and the service is making it easy for threat actors to deploy such costly attacks.

According to a recent Forbes report, the global increase in cyberattacks like ransomware results from the ease and affordability of launching such attacks. It's now easier than ever to access off the shelf malware, and anyone can become a cybercriminal provided they have something in their cryptocurrency wallet.

How Ransomware Works

The most common approach used by threat actors to access company systems and deploy ransomware attacks is malicious emails with infected links or attachments that unsuspecting employees may click on and unknowingly initiate attacks. They may send the emails to targeted persons in specific organisations or millions of potential victims.

Once the threat is initiated, the attacker will then inform the organisation that their data is encrypted and must pay promptly to access the decryption key. The payments are primarily in cryptocurrency form to shield the threat actor's identity. If you fail to pay within an initial period, they may shamelessly increase the ransom and threaten to delete or sell your data.

These arrangements don't have good faith negotiations, so there's no guarantee that the criminal will help you decrypt the data after payment.

Usually, ransomware contains extraction capabilities that make it easy for criminals to access and steal critical data like log-in credentials. As a result, stopping the attack can be a serious business, and the government has already initiated the proper steps to curb the menace.

The Security of Critical Infrastructure Act 2018 will be helpful in this area. Once passed, the law will require different organisations to report any ongoing and current cyber incidents to the government, allowing it to create a consolidated picture of the attacks' nature and activity level.

But before the legislation comes into effect, you must implement the correct best practices to secure your systems from ransomware and deter threat actors.

Cybersecurity Best Practices to Protect Against Ransomware

Ransomware can be deployed in different forms, and the implications vary. So there's no standard procedure used by business to ward off criminals. Fortunately, the following primary steps will help protect your business from ransomware attacks:

• Don't click on that link! – This is pretty straightforward, but most people forget it. Avoid clicking links or opening documents from unknown email addresses. This should be included in the staff training schedules as well.
• Zero trust model – Migrating to the zero-trust approach enhances your network visibility and control. This encompasses steps like traffic evaluation, asset prioritisation, adaptive monitoring, and microsegmentation. 
• Keep secured backups – There's no honour among thieves, and paying the ransom doesn't mean a cyber-attacker will keep their promise. With secure, up to date data backups, you'll quickly resume operations.
• Establish endpoint and email protections – To prevent unsuspecting staff from making common mistakes, ensure all emails are scanned and deploy endpoint protection and firewalls.
• Implement a strong password policy – Simple and guessable passwords are among the most significant vulnerabilities, but a well-defined and comprehensive password policy will reduce the risk.
• Partner with a cybersecurity expert – A reliable IT security partner will address all your vulnerabilities and risks while you focus on core functions.

CyberUnlocked is your trusted Australian-based cybersecurity partner with all the technology and expertise to help you navigate the murky waters. Speak to us to discover our comprehensive cybersecurity services.