Author: GPK Group

Cryptolocker Protection and Removal

Cryptolocker is a sophisticated variant of ransomware that’s grown in infamy in recent years.

And while the original strain has been neutralised, copycat cyber security threats still exist. So for ease of use, we’re going to refer to them all as Cryptolocker.

So let’s look at what Cryptolocker is, and how you can provide Cryptolocker protection for your Brisbane business.

What is Cryptolocker?

Cryptolocker is a malware program that has shown itself to be more dangerous than standard ransomware.

Cryptolocker doesn’t just go after the files or devices on your network—it works faster, and goes further, and can affect an entire mapped drive. So your C: drive, E: drive, all of it.

And more insidious than that, it can also spread to external devices, such as USBs, external hard drives, and folders in your cloud networks.

Once Cryptolocker infects your computer, network, drives, or files, you’ll receive a notification telling you that your files have been encrypted. This will say that a ransom must be paid to retrieve them, and you can only unlock your files with a decryption ‘key’ provided by the hackers.

This response is timed, too. The original CryptoLocker ransomware gave victims 100 hours to pay the ransom, or their files are deleted. Copycat cyber security threats present themselves in much the same manner.

At present, Cryptolocker only affects those systems running Microsoft Windows. Mac users are safe, for now.

What is the impact of Cryptolocker?

Given its more aggressive and vicious spread, Cryptolocker can do more damage than your average ransomware. It can prevent access to entire drives, shutting down vast elements of your business operations. It can disrupt IT systems, and spread into IoT-connected devices, with the potential to bring entire supply chains to a standstill.

How to protect your business against Cryptolocker

There are a few key steps that provide your business with protection against cyber security threats like Cryptolocker.

• Protection from Cryptolocker begins with safe internet use protocol. Provide regular internet safety training for all your staff, and their families. After all, common sense isn’t always commonsense. Ensure that everyone knows they shouldn’t open suspicious emails, or anything from unknown email addresses.
• Make sure everyone knows what ransomware is, what Cryptolocker is, the potential effects, and how it can be spread. Provide clear instructions of what to do in the event a Cryptolocker attack occurs.
• Another way to improve Cryptolocker protection is to restrict user access. Ensure users only have access to files and folders that are necessary to do their job. This works to contain the damage; the less attack surface that ransomware has, the smaller its spread will be, and the less can be encrypted.
• Install whitelisting applications to ensure only approved software is running on your networks.
• Ensure your antivirus software is up to date and patched with the latest information.
• Ensure your operating systems are up to date and patched.
• Importantly, ensure your business has a thorough backup and recovery process in place. Regularly back up your data and files with secure, remote backups. Consider using both physical and cloud off-site storage, to provide multiple backup points.

How to remove Cryptolocker

But if protection against Cryptolocker is no longer an option, you’ll need to know how to remove the ransomware. Be warned though: this won’t decrypt your encrypted files. But it will stop the malware from spreading.

If you fall victim to a Cryptolocker attack, you should treat it the same as a ransomware attack:

Step 1. As soon as possible, isolate any infected drives, devices, or folders from your network. This should work to reduce the spread.
Step 2. Shut off any network connections.
Step 3. Perform a thorough antivirus scan of the infected devices and drives, running it as many times as necessary to remove all traces of the original infection.
Step 4. Restore the operating system to the latest backed-up version.
Step 5. Again, perform a thorough antivirus scan to ensure all traces of the Crytolocker have been removed.

However, we don’t actually recommend you perform the review yourself. Bring your infected devices in to GPK instead. We can perform a thorough review of your devices in a secure environment, to minimise any further cyber risk to your company.

Get Cryptolocker protection for your Brisbane business

The best defence against ransomware is to be prepared. And Cryptolocker protection is the same: the better prepared you are, the more regular your remote secure backups are made, and the tighter your security protocols, the best chance you have at minimising any damage from a Cryptolocker attack.

GPK Group provide full-scope IT cyber security for Brisbane businesses. We help ensure you have the right software and protocols in place to protect against cryptolocker, ransomware, and the latest cyber security threats.

Get in touch with us today to discuss a cyber security solution for your Brisbane business.

The Cost of Cyber Security Threats for Australian Businesses

We all know that cyber security threats are a real and present danger for Australian businesses. But just how much of a danger are they?

A quick look at the numbers tells us that cyber risks are set to damage Australian businesses big-time.

It’s estimated that by 2025 cyber crime is going to cost the world US$10.5 trillion annually. That’s such a huge figure that it’s practically incomprehensible.

And that’s not just in direct costs. This figure is a sum total of the damage caused by cyber security threats. It covers things like:

• Stolen business funds
• Stolen intellectual property
• The destruction of irreplaceable businesses data
• The loss of associated personal data
• Lost staff working hours caused by the associated cyber attacks
• The cost of investigation, clean-up, and business network restoration
• The cost for the business of getting back on its feet

And the really concerning thing about this is that cybercriminals know that these numbers are achievable. Particularly in Australia.

Australia isn’t prepared against large-scale cyber security threats

Back in 2019 the Australian Department of Defence undertook a review of Australia’s cyber risk preparedness measures. They ran through a series of cyber risk scenarios, determining potential cyber attacks and our response as a nation to these attacks.

The scenarios themselves started out fairly innocuous. Australians queuing online to buy tickets online to the 2022 AFL grand final would find the system is down. Unbeknownst to them, this is the first wave of a multi-step cyber attack. During this confusion, a second cyber attack would disrupt international supply lines, creating a shortage of supplies that keep our essential services running.

An alternate scenario saw cyber criminals launching attacks against critical infrastructure, like the power grid and food supply chains, or by taking control over autonomous vehicles.

While these scenarios took a country-wide focus, the unsettling this is that every Australian business has the potential to be a target of these attacks—if they haven’t already.

The cost of cyber security threats to Australian businesses

An IT security threat for a Brisbane business can end up costing on average $276,000. Per attack. For many businesses, that’s a number that they can’t recover from.

And with the rapid switch to remote work that we’ve seen in the past 18 months, cyber criminals have been given the opportunity to exploit business that simply aren’t prepared. In fact, the remote work revolution and work-anywhere phenomenon has highlighted the vulnerabilities in traditional business security systems.

This is starkly apparent in the context of home office scenarios. According to recent reports, the leading causes of cyber security threats and breaches were:

• Ransomware
• Process weaknesses
• Out-of-date security tech
• Third-party apps

We’ve spoken about cyber security threats like ransomware attacks before. But how do these other cyber risks affect businesses?

Process weakness

A process weakness takes the form of a failure or vulnerability in your cybersecurity processes and protocols. And, usually, it comes down to simple human error. It can be a missing step in your business’ security system, or simply forgetting to update your operating system to a newly-patched version. Or it could be your users not following best-practice password protocol.

These weaknesses in your security processes are easy for cyber criminals to exploit. So it’s critical that you review your processes regularly to ensure you’re protected against the latest cyber risks.

Out-of-date security tech

Similar to process weakness, out-of-date security systems are a big cyber risk for businesses. It might seem like a hassle, but updating your security software is one of the best ways to protect your business against cyber attacks.

Having the latest security software updates ensures that the latest known cyber security threats and issues are patched against, and there are no known vulnerabilities for criminals to exploit.

The operative word here is “known” threats. There may be other cyber security threats out there—they just haven’t been discovered yet. But rest assured that your platform providers and cyber security software companies are on the hunt 24/7 to uncover and fix any vulnerabilities.

The cyber risks of third party apps

Have you heard of Shadow IT? Given its name, it already sounds shady and underhanded, but it’s actually a fairly benign phenomenon. On the user end, at least.

Shadow IT occurs when your teams and employees use apps, devices, and services that haven’t been approved by your IT team. Shadow IT are the programs they download to speed up processes, the messenger apps they use because they prefer them. It’s the action of saving their work to a personal cloud folder, rather than the approved business location whether this is a server or your own cloud provider.

From their point of view it’s harmless. But in using Shadow IT, your teams are using technology that hasn’t been allowed for in your business’ IT security plans. If your IT team isn’t aware of an application or piece of software that’s being used, they can’t ensure that it’s secure.

As well as causing inefficiencies in your workflows, Shadow IT can lead to data leaks, compliance violations, and security system vulnerabilities. It makes sense: the more apps and platforms that your business uses, the broader your IT attack surface becomes.

So make sure that your teams know exactly what they should be using in their work. Ensure they’re using these platforms, and get rid of the rest.

Australia might not be prepared against cyber security threats—but you can be

While Australia as a country isn’t prepared against large-scale cyber security threats, as a businesses you can still do everything possible to ensure your workspace and networks are secure.

At GPK Group, we provide robust cyber security for Brisbane businesses to ensure you’re as prepared as possible against potential cyber risks and cyber security threats.

Get in touch with us today for a free, no-obligation discussion on how we can help keep your business safe and secure against the latest cyber security threats.

Ransomware explained: How it works and how to remove it

Ransomware is one of the most common cyber security threats against Adelaide businesses. In this article, we take a look at what this cyber risk is, and how you can protect yourself against it.

What is ransomware?

In its simplest form, ransomware is a type of malware. These cyber security threats work by tricking the user into downloading and installing a file, or clicking a link, that’s infected with that particular ransomware strain.

Once downloaded, the malware then gets to work. It locks down your system, restricting user access and files, encrypting them. You’ll then typically receive a notification that your system has been infected. This usually takes the form of an on-screen pop-up or an email, informing your that their files have been locked and encrypted. Within this notification the hackers then demand a ransom to restore your files. These days, the ransom is typically in the form of BitCoin.

Then, if you don’t pay the ransom, the hackers simply delete your files.

How ransomware spreads

Ransomware is spread in much the same way that viruses and other cyber security threats do. Hackers will send a phishing email, tricking you into opening and downloading the file, or to click through the link provided.

Occasionally it’s spread through drive-by downloads. That is, when you visit a site where the malware has been implanted. It lurks there, waiting for a user to click on that page. Then it automatically downloads itself to your computer.

Ransomware is one of the more dangerous cyber security threats

There are now more than 1,800 different strains and variants of ransomware out there, and 2021 alone has seen unprecedented levels of ransomware attacks. Attacks that have increased in sophistication, in severity, and in the volume of ransom demanded.

However, any level of cyber risk is unacceptable to a small business.

The average ransom businesses pay is over US$300,000. But that’s just on average. Smaller businesses may expect to pay $60,000, larger businesses a lot more. In March this year, computer manufacturer Acer was held to ransom to the tune of US$50 million.

Do I pay the ransom?

Despite the obvious issue that your sensitive and critical information is no longer available, the problem with ransomware that most businesses will struggle with is whether or not to pay the ransom.

By nature, the group doing the hacking aren’t going to be the most scrupulous of sorts. So will paying the ransom even ensure you receive access to your files?

The Australian Cyber Security Centre has clear guidelines on what to do in the event of a ransomware attack: Don’t pay. After all, there’s no real guarantee that the hackers will return your files or fix the damage they’ve caused.

Paying the ransom once also implies you may do so again in the future, leaving you vulnerable to future attacks.

How to remove ransomware

The best way to deal with the cyber risk of ransomware is to assume that your files and data are already gone. Instead, focus on restoring your data and files from your backups.

But let’s assume that you haven’t done this in a while.

If you were to fall victim to a ransomware attack, time is of the essence. So rather than reverse the situation, you need to focus instead on minimising the damage.

Here’s how to do it.

Step 1. Isolate the infected files or devices from your network to reduce and stop any further spread.
Step 2. Shut down wireless and Bluetooth connectivity to stifle any further spread.
Step 3. This is the hard bit. You need to identify any and all infected files or devices.
Step 4. Lock and restrict sharing access to any infected files or devices.
Step 5. Locate the original infected file. You can check your antivirus software for any alerts, or quiz your teams on any activity that may have led to malware being downloaded.
Step 6. Check your antivirus provider to determine the strain of ransomware you’re dealing with.
Step 7. Report the attack to the Australian Cyber Security Centre.
Step 8. Restore all your business systems from the latest backup.
Step 9. Run your antivirus/antimalware software as often as necessary to ensure all traces of the ransomware have been eliminated from your network.

How to combat ransomware

When it comes to ransomware, removing it yourself is a last resort. The best way to actually combat ransomware is to ensure your business performs regular, secure backups in the first place.

Keep these backups separate to your business system. The more removed they are, the safer they’ll be. Consider using both physical and cloud off-site storage, to provide multiple backup points.

Also, ensure your business practices sensible internet use. Don’t click suspicious emails or links. Only use secure networks. And make sure your antivirus software is up to date.

The best defence against ransomware is to be prepared

Ransomware is one of the most common cyber security threats impacting Adelaide businesses. So it’s crucial that your organisation is prepared.

At GPK Group we take a proactive approach to managing your business’ cyber risk, and provide robust, full-scope IT cyber security for Adelaide businesses. Contact us today to discuss a cyber security solution that stops ransomware in its tracks.

The Top 10 Most-Infamous Cyber Attacks

There have been some absolutely astounding cyber security threats in recent years. Wide-ranging, costly, and damaging the activity of large Australian businesses for days.

And while cyber security threats are becoming more insidious, and more targeted, they don’t always make the news.

So let’s look at 10 of the most infamous cyber attacks in history, and the flow-on effects these have had to cyber security for Adelaide businesses.

1. The Cambridge Analytica data scandal

Call it what you will, but the Facebook Cambridge Analytica data scandal was a sophisticated social engineering hack that was effectively hidden in plain sight.

Facebook engaged consulting firm Cambridge Analytica to create an app, This Is Your Digital Life, for research purposes. It was supposed to collect personal information from those that opted in—but ended up collecting the information from their unsuspecting friends, too.

While only 270,000 people downloaded the app, data was collected on 87 million users. This included things like names, relationship status, religion, birthdate, employers, search activity, and check-ins. The data was then used by both Senator Ted Cruz and President Trump to gain information on the political preferences of Americans during their political campaigns.

While many may not see this as a cyber attack, it was definitely one of the biggest cyber security threats in recent year, the fallout of which has changed how we view social media and its use.

2. Ashley Madison

Ashley Madison, the infamous online dating site for those already married or in relationships, was famously hacked in 2015. An online group known as The Impact Team notified the site that it had stolen the personal information of 32 million of their members, and threatened to post it online unless the site closed down.

Ashley Madison ignored them, and much to the shock of those using the site, the hacking group followed through and posted their sensitive data online, exposing those users to public scrutiny.

This breach cost the company almost $30 million in fines and damages—and untold heartache in homes all over the US.

3. Sony’s double-header

Entertainment giant Sony found itself under attack twice in the early 2010s.

In 2011 hackers stole the personal data of 77 million PlayStation users, including credit card and financial information. A distributed denial of service (DDoS) attack shut the PlayStation network down for 23 days, costing the company $15 million in compensation to its users.

They bore the brunt of further cyber security threats in 2014, falling victim to a malware attack. The hackers gained access to employee emails, confidential film scripts, employee salary information, and copies of unreleased films. They then used wiping malware to attack Sony’s computing infrastructure.

It was determined that the attack came from a North Korea-sponsored group, in response to their views against the Seth Rogen and James Franco film, The Interview.

4. Adobe

Globally-used and loved creative platform Adobe fell victim to a cyber security threat in 2013, when they announced a backup server had been hacked. The hackers stole the personal data of 153 million of its users, including usernames and passwords. This information was then dumped online.

5. Celebgate

Celebgate wasn’t a large-scale attack, but it was certainly well publicised. In 2014, a group of hackers used spearphishing tactics, creating emails that mimicked official Google and Apple emails, to gain the usernames and passwords to celebrity cloud accounts. Their goal was to steal private images of female celebrities.

Hundreds of big-name actors were impacted by this, and had their personal and private images dumped onto imageboards across the internet.

The cyber security threat implications of this attack are still being felt, and similar instances continue to occur. It goes to show that cyber crime isn’t always about dollars; often it’s purely out of spite, to cause chaos.

6. Wannacry

The 2017 Wannacry ransomware attack was a cyber security threat that impacted around 230,000 computers in more than 150 countries. The hackers target computers running Microsoft Windows, demanding payments in BitCoin.

What was particularly insidious about this attack was that it included a mechanism that enabled it to copy and then spread by itself. Users that hadn’t installed the most recent April 2017 Windows security patch fell victim to the attack. And it was a vicious one, with victims hearing reports that no infected businesses who paid the ransom ever actually received their data back.

At the end of the campaign, a total of 327 payments had been made, totalling US$130,634.77

Notably, the UK’s National Health Service, Indian State Government organisations, Nissan, Boeing, and FedEx were all hit by the Wannacry attack.

7. SolarWinds

December 2020 saw the US Government fall victim to a mammoth cyber attack. Unknown actors inserted malicious code into SolarWinds’ Orion network management software used by Fortune 500 companies all over the world, including firms like Microsoft. At least 6 US government departments were impacted. This included, concerningly, the National Nuclear Security Administration, and the Department of Homeland Security.

This code went undiscovered, and SolarWinds even sent a security update to its users that included this malicious code.

It’s unclear to what extent these users have been breached, or even what data has been stolen, making this one of those significant cyber security attacks ever.

8. Zoom

As the world shifted to working remotely, businesses and individuals were quick to roll out the Zoom platform. But as its user base grew, so too did interest from cyber criminals.

One well-publicised cyber security threat saw the user account credentials, passwords, and meeting URLs stolen, and put up for sale on the dark web.

Zoom reacted by implementing crucially-missing security measures, including meeting IDs and passwords.

9. Yahoo!

Yahoo! just can’t seem to catch a break. The search has fallen victim to cyber security threats on at least three separate occasions.

In 2014 they had 500 million user accounts breached, where senstive personal information like phone numbers, passwords, and birth dates were stolen. In 2018 it reported a breach of 32 million user accounts.

But neither of these compare to their 2013 breach, where it revealed that 3 billion user accounts had been stolen.

10. Target’s bad luck with credit card details

Target’s attacks are notable as the first time a retailer of this size was the victim of an attack on this scale.

In 2013 in the US, during the Black Friday, the details of 40 million Target customer credit card accounts were compromised. This happened again in 2014, with another 70 million credit card account details being compromised.

So, what have we learned?

While it seems that some of these businesses haven’t put their learnings into action, that doesn’t mean you can’t.

GPK Group provides smart cyber security for Adelaide businesses, so you get peace of mind that you’re protected against cyber security threats.

Reach out to us today for a free, no-obligation discussion on how we can help your business remain safe and secure against the latest cyber security threats—and so you don’t see your name in this list.

Why is cyber security so important?

We’re more reliant on technology than ever these days. And, with this almost complete reliance on IT, comes the escalation in cyber security threats.

So let’s look at exactly why cyber security is so important for the modern business.

Cyber security is critical for modern businesses to survive

Cyber security is no longer a nice-to-have—it’s essential. Not just to help your business grow, but for it to survive.

It’s all about protecting your business’ information, technology, IT infrastructure, and users against both immediate and potential threats. The right cyber security solution safeguards your business’ essential data, and that of your customers and clients, against a range of cyber threats, which can originate from a variety of sources.

External cyber security threats

External cyber security threats are one of the biggest risks businesses face these days. Hackers, cyber criminals, malicious actors—whatever you choose to call them, these are the external parties actively attempting to infiltrate systems and access your business’ data.

They do so via a startling array of methods, ranging from phishing and malware attacks, to ransomware attempts, denial of service attacks, and SQL injections. Their goal is to gain access to your business’ systems and databases and retrieve information, money, or generally cause havoc.

Internal security threats

While external cyber security threats are one of the greater threats to be aware of, businesses can also be vulnerable to issues created inside their organisation. Yes, this can include disgruntled employees with an axe to grind, but it’s much more likely to be your own software and platforms letting you down.

Poor internal security protocols such as weak passwords, a careless approach to email safety, and unprotected systems all leave your business’ network open to attack. You may be using old and outdated software, or running an antivirus and firewall that haven’t been patched against the latest cyber security threats.

Human error

Data loss isn’t always malicious: it can all come down to simple human error. Not saving information in the right place, forgetting to save documents, deleting the wrong file, or simply leaving external devices lying around for anyone to easily pick up and run away with.

Disaster situations

As we’ve seen across Australia in the last 18 months, disaster can strike in a variety of shocking ways. Instances like fire, flooding, extreme weather, and even earthquakes in some cases, can all have a huge effect on your IT systems. Servers can be lost to office fires. Backups can be affected by a leaking roof. Extreme weather can shut off the power and damage your hard drives.

Advances in technology means advances in cyber security threats

It’s crucial for businesses and individuals alike to understand the implications of advancing technology, in order to see just how important cyber security is for your Brisbane business.

Take AI, for example. Machine learning and AI is fantastic for businesses, but it’s also a boon for cyber criminals. Instead of individual users and professional groups being the operators behind cyber security threats, we’re likely to see software programs and AI scripts delivering these attacks on their behalf.

Phishing attempts will get smarter, more targeted, and more tenacious. Malware will get more insidious, hiding even deeper in legitimate-looking ads and links. These attacks will be undertaken at a speed, ferocity, and breadth not available to the human user, and performed on a global scale.

5G means faster internet speeds—and faster cyber criminals

The 5G network will increase internet speeds to lightning fast response times. But as the world moves to faster internet, this also means that we’ll see an increase in associated cyber security threats.

Cyber criminals will move quickly to exploit security threats as they appear. Zero-day attacks have the potential to increase, as new software becomes available on the market. And, while the world upgrades to 5G networks, many users will still be connecting to older networks, and any unresolved flaws in these networks will still be vulnerable to attack.

Cloud computing and cloud access is a massive shift for businesses that brings fantastic benefits. However, with an increase in cloud services comes the increase in potential for cyber attacks. Vulnerabilities in cloud networks, platforms, and software have greater potential to be discovered and exploited.

An increase in IoT-connected devices further expands the playing field for cyber security threats. After all, more devices means more opportunities, more entry points, and more undiscovered vulnerabilities.

The right cyber security solution gives you peace of mind that your business is secure

Cyber security is important because we live and work in a connected world, and the right cyber security solution ensures your business’ technology and data doesn’t fall into the wrong hands.

At GPK Group we provide full-scope IT cyber security solutions to keep your business protected as cyber threats evolve. Get in touch with us today to discuss a cyber security solution for your Brisbane business.

How to conduct a cyber security audit for small businesses

What is a cyber security audit?

A cyber security audit is a comprehensive review of your business’ IT infrastructure and systems. It enables you to identify any weaknesses in your security protocols, uncover any vulnerabilities in your software, and highlight any high-risk practices in your business’ IT use.

By identifying this information clearly, you’re able to create a list of areas that need attention, and formulate a plan for how to achieve this.

A cyber security audit is crucial for small businesses to identify gaps in your business’ cyber security systems, and ensure you’re protected against cyber security threats and attacks.

Here’s how to undertake a cyber security audit for your Brisbane business

Step 1: Plan for the worst

It’s not a particularly positive sentiment, but for most Brisbane businesses a cyber security attack is an unfortunate predetermination. It’s a matter of when, not if. So to ensure you have the tightest cyber security measures in place for your business, assume that it’s going to happen, and plan to be prepared.

Step 2: Review your existing IT infrastructure and security protocols

Performing a full review of your IT network and systems gives you a complete picture of your IT architecture. This review enables you to understand the extent of your network, and the systems you have in place.

By compiling a complete list of all applications and programs you use, all user who have access to your systems, and the full suite of hardware and devices available, you map out exactly how far your network extends.

This allows you to understand every available touchpoint that can come under threat from cyber attacks.

Step 3: Perform a vulnerability assessment

A vulnerability assessment is probably the key step in undertaking a cyber security audit for your Brisbane business. When performing a vulnerability assessment, you’re:
Checking your current security practices and determining whether or not they’re up to scratch; and
Reviewing your cyber security software to ensure it’s patched with the latest security updates. This includes your critical antivirus software and firewall.

This step allows you to identify and uncover any hidden flaws or gaps in your existing security systems, and uncover any weaknesses that could be targeted and exploited by cyber criminals.

This step should always be undertaken by a cyber security professional. They have the specialised software and knowledge to scan your system and security protocols for vulnerabilities, and have the ability to test for weaknesses from both inside and externally to your business’ network.

Step 4: Identify network access points

A vulnerability assessment enables you to determine any potential access points to your business’ IT network. Once you know what’s vulnerable, and how it can be breached, you know how to address these issues.

Step 5: Network penetration testing

Network penetration testing is effectively putting your IT security systems through a trial run.

During network penetration testing, an IT cyber security expert will act as a cybercriminal and attempt to breach your business’ IT security systems. They’ll use the latest hacking methods and processes to probe your security system, and identify vulnerabilities and weak points across your whole network. This can include your operating systems, antivirus software, suite of business applications, cloud infrastructure, and any devices connected to your network.

This works to determine how easy your network’s vulnerabilities are to exploit—and you’d be surprised just how easy this is.

Step 6: Perform a risk assessment across your entire IT system and network

Once you’ve mapped out the entirety of your IT infrastructure and identified all potential vulnerabilities and weaknesses, you’re able to assess the potential risk against each discrete part of your network.

Whether it’s the risk of cyber security attacks, system or hardware failure, vulnerability to natural disaster, or simply human error, you can weigh each risk against its potential and estimate the likelihood and impact of each one. You’ll be able to determine which assets are more at risk, and which are more or a priority to safeguard.

Step 7: Recommendations

Once you’ve undertaken a cybersecurity audit of your IT infrastructure, you’ll be able to compile all the data and results and create a report of the recommendations to solve these issues within your network.

This gives you a roadmap to work towards to improve your Brisbane business’ IT security. When and how you implement these actions is up to you, but the important thing is that you’ve taken the first step to improving your business’ security posture.

Let GPK protect your Brisbane business against cyber security threats

GPK Solutions provides IT risk assessments to review the cyber security for your Brisbane business. Get in touch with us today and we’ll ensure your business’ IT systems and network is as safe and secure as possible.

Common Cyber Security Threats And How You Can Protect Yourself Against Them

Cyber security threats are insidious, so it’s important to know what you’re up against.

We’ve compiled a list of the common cyber security threats your Adelaide business may face, and some pointers on how to protect yourself against them.

Malware

Malicious software, commonly known as malware, is the bane of every user’s existence. It covers a host of nasty little pieces of software, including spyware, ransomware, worms, and a  multitude of computer viruses. Malware is designed to access your systems and network through vulnerabilities in your IT security.

It operates simply. A user clicks a link, downloads an email attachment, or clicks an on-page ad, and this downloads and installs malicious software onto their device. Once installed, the software can begin directly attacking different components within your system, crippling it. Or, it can remain on your system, secretly retrieving and sending data to an external party.

Ransomware

Ransomware is a particularly vicious cyber security threat. When downloaded and installed on your computer, this malware attacks and locks access to specific systems and data. You will receive a notification asking for a ransom in order to unlock it. And honestly? There’s not much else you can do.

Often, if you pay, they do come through on their word and unlock your system. If you don’t pay, though, this data gets thoroughly and irreversibly wiped. Ransomware is one of the key drivers to ensure your business has secure cloud backup services enabled.

Phishing and spearphishing

Phishing is one of the most common types of cyber security threats out there, to the point that it’s become an automated and ubiquitous part of everyday life. It takes a broad-based approach, where cybercriminals send emails and that look and sound like they’re from legitimate and trustworthy organisations. This then directs the user to a website, or to simply reply, with sensitive information such as bank details, user login credentials, or even request payment on the spot.

Spearphishing delivers a persistent, highly personalised attack against individuals, using repeated methods of communication to try and access their information. As automation software and AI becomes more powerful, this method is only likely to become more prominent.

Denial of service (DoS) and distributed denial of service (DDoS) attacks

Under a DoS attack, cybercriminals overwhelm the targeted computer network, system, or server with repeated traffic and data until the bandwidth is exhausted. This results in the system, whatever it may be, rendered unable to action legitimate requests, forcing it to effectively become inoperable. 

But these all typically come from one computer source. A DDoS attack is a similar threat, but on a broader scale. Multiple systems attack the one target, delivering a more forceful DoS attack. These types of attack can be extremely damaging financially, as they effectively shut down your business systems until the attacks ease.

SQL injection

SQL, or Structured Query Language, is a specific programming language that can be used to change and retrieve data from a specific database. This makes an SQL injection a particularly insidious cyber security threat. 

An SQL injection attack works by an external source inserting, or ‘injecting’, an SQL query via a data input channel. So, for example, your business might have a login screen on your website. Cybercriminals would go to this page, type in a SQL query into the input section, and use this to access your system. 

If they add the right SQL statement, they’re able to gain access to your website, database, system, network. They can then use further code to retrieve sensitive data, modify data, perform administration operations on your database, and other malicious activities.

Zero day attack

This cyber security threat refers to the situation where a new vulnerability is discovered within a system, piece of software, or database. As it’s only new, there’s no security patch to fix the issue—there’s been zero days to fix it.

Upon discovery, hackers leverage these vulnerabilities, and create code that can exploit these vulnerabilities before a security patch is created. When inside the system the hacker then has access to achieve whatever nefarious ends they’re aiming for.

How to protect your business against cyber security threats

The first step to creating a strong cyber security posture for your Adelaide business is to get the essentials right. You can read our blog on that here.

But in summary, make sure you have the following in place.

• Secure your devices with antivirus software and a VPN, and keep them up to date. This is your first line of defence against cyber security threats. So keep them up to date to ensure the latest protection for your business.
• Practice email safety. Use common sense: don’t click any suspicious links or emails, and change your password regularly.
• Practice password safety. We’re likely all guilty of this one, but it’s crucial to ensure your passwords are strong. Make them a minimum of eight characters, upper and lower case, numbers, and other characters and symbols.
• Ensure your business systems and software is up to date. Updating your systems and software to the latest versions ensures they’re protected against the latest vulnerabilities.
• Set up regular cloud backups of your data. Backing up regularly in multiple locations ensures all your business data remains safe and secure, up to date, and easily accessible should any ransomware attacks wipe out parts of your system.

We’ll help you stay protected against cyber security threats

GPK Group provides cyber security services to Adelaide businesses, to ensure you remain safe and protected against the rising risk of cyber attack.

Get in touch with us today for a free, no-obligation IT security discussion. We’ll talk about your current systems, and discuss how our robust cyber security solutions ensure your business remains safe against these common cyber security threats.

The Essential Small Business IT Security Checklist

When it comes to cyber security threats, you can never be too careful. To ensure you’re safe against rising cyber security threats and hacking attempts, we’ve compiled this essential small business IT security checklist.

It covers the essential things you should check when looking at cyber security for your Adelaide business.

Check your physical security

While it’s not strictly part of your IT, your building’s physical security is just as important to consider. A data breach can be as low-tech as an unauthorised person entering your office and stealing a thumb drive they see lying on a desk, or running off with an unsecured tablet or smart device.

To start with the essentials, it’s crucial that your business has the right physical security measures in place. Things like a staff ID tag-in/tag-out system, device tracking, and security cameras.

Secure your wifi

An unsecured wifi connection isn’t a big deal to the average person, although it does mean free browsing. To a hacker, however, an unsecured wifi connection is the open window into your business. So check to make sure that your business’ wifi connection is secured, and be sure to change your wifi passwords regularly.

If your business does offer free guest wifi, ensure it’s a different network to your business’ one.

Choose the right antivirus platform

When looking at cyber security for your Adelaide business, starting with the basics means ensuring you have robust antivirus software installed. There are many good options around, so it really depends on what works for your business.

Whichever you choose, make sure you update it regularly. Antivirus companies are updating their software to protect against the latest cyber security threats.

Set up your firewalls correctly

A firewall is unobtrusive, working in the background of your operating system as a filter to inspect all data and traffic that enters and exits your computer. If it detects any suspicious-looking packets of data, it stops these from entering your network. This also works to block any hacking attempts. 

Similarly, a firewall edge solution is a whole-of-network security system, that operates in much the same way. But instead of protecting just one device, it works to keep your entire network secure, and sits in front of your router to filter traffic into and out of your network from the internet.

Ensuring a comprehensive firewall is set up on all your devices, and potentially on your network too, is a strong step towards improving your cyber security posture.

Invest in a VPN

The next step in improving the cyber security for your Adelaide business is to set up a VPN, or Virtual Private Network.

VPNs are exactly what they sound like. It’s a private, secure, encrypted network, that can only be accessed by people with the right access credentials. It effectively acts as a tunnel, keeping all your business data and browsing activity hidden from prying eyes, only visible to other people also on your network.

A VPN can be set up both for business security, and to enable secure remote access for your teams. 

Enable two-factor authentication

Two-factor authentication creates an added layer of cyber security for your Adelaide business. It’s easy to set up, too.

When set up, your staff will log into your business systems and be required to receive a notification by either email, text, phone call, authentication app, or to a special USB drive, which contains their additional login code. They’re the only one that receives this code, so as well as creating an added security step, it effectively acts as an alert should anyone else try and access their account.

Monitor all BYO devices

It sounds simple, but does your IT team have a log of all devices that are authorised to access your network? This way you’ll know if any unauthorised devices are gaining access.

Provide comprehensive cyber security training

Delivering regular cyber security protocol training ensures your staff are up to date with the latest cyber security threats. It helps to keep cyber security top of mind, and reminds them about creating strong passwords, and demonstrating safe email practices.

It’s a good reminder that common sense isn’t always common sense.

Update your systems

If your operating systems and software aren’t updated, this means that they’re not patched against the latest cyber threats. This leaves them vulnerable to attack. So make sure you update your important systems and software on a regular basis.

Backup your data

If there’s one absolutely critical thing to remember, it’s that you should regularly back up your business data. This ensures you have the latest information available securely in the case of cyber attack, and you can get back up and running sooner.

We recommend having multiple backups, whether it’s on-site, external back-ups, or cloud data backups.

Ensure your business’ safety against cyber security threats with an IT risk assessment

GPK Solutions provides IT risk assessments to review the cyber security for your Adelaide business. So contact us today and we’ll help you make your business is as secure as possible.

Recent Cyber Attacks in 2020

As the dust settles, the industry is uncovering even more evidence of rapid growth of cybercrime during the upheaval created by 2020’s pandemic. Cybercriminals were indiscriminate in their attacks, targeting businesses and platforms of all types.

Cybercriminals targeted the ways we connect in a pandemic

In a time when online connection became so important, opportunistic cybercriminals were quick on the uptake to attack social platforms.

Telegram

Telegram, the cross-platform messaging software service, was attacked in September 2020. In this campaign, hackers were able to access the email data of some important players in the cryptocurrency space using the Signaling System 7 (SS7) protocol, which is used for connecting mobile networks worldwide.

It’s believed they attacked this platform to access two-step authentication codes, in order to get access to cryptocurrency safely secured within digital wallets worldwide.

Zoom

A more well-known and wide-ranging incident occurred to the workhorse of the COVID era, Zoom. This high-profile attack saw hackers access approximately 500,000 Zoom user accounts, passwords, credentials, and meeting URLs.

And it wasn’t a particularly sophisticated attack, either—but it was persistent. The hackers gained access via credential stuffing, one of the most common methods of cyber attack.

Essentially a scaled-up version of trying to guess a friend’s password, hackers use the information in stolen lists of usernames, passwords, and email addresses, under the logic that people commonly reuse these credentials. A stress-testing tool then deploys multiple bots at different IP addresses using combinations of these login credentials. All details met with a positive login attempt were then collated and sold on the dark web.

Zoom has since put in place stronger security measures, but it was a big blow during the initial pivot to working from home.

Software providers weren’t immune

One big cyber attack in October 2020 saw German software vendor Software AG hit with the Clop ransomware, with a cybercrime syndicate demanding a $20 million ransom.

While service to their customers remained unchanged, this attack ended up disrupting Software AG’s internal network, and casting a pall over their security protocols.

The scope of cyber attacks in 2020 broadened significantly

The December 2020 SolarWinds breach was one of the biggest cyber attacks of 2020, both in breadth and ferocity.

In this incident, hackers took advantage of malicious code that was inserted into the SolarWinds Orion network management software, targeting the server that provided access to patches and updates for these tools.

This enabled the hackers to infect multiple clients at once—clients who were part of some of the largest organisations in the world.

The US Departments of Treasury, Commerce, Energy, and network of the National Nuclear Security Administration all were breached. Even the US Department of Homeland Security found itself under threat. Fortune 500 companies across Asia, Europe, and the UAE came under attack, with tech firms like Microsoft becoming involved in the breach.

This attack was so large, and so wide, that security experts are still unsure of the full extent and scope of this threat.

Hackers enjoyed irony, too

With patrons worldwide distancing themselves from cruise ships in 2020, cybercriminals found their opportunity to take advantage of cruise lines.

Carnival Corporation, one of the largest cruise line operators in the world, found themselves victims of a massive data breach in August 2020. Hackers breached their network and encrypted their IT infrastructure, accessing confidential customer, crew, and employee information.

While there hasn’t yet been any flow-on effects from this attack, it still demonstrates the widespread effects that cyber attacks can have on businesses.

Close to home

Australia wasn’t without its significant cyber attack incidents, either.

Toll Group, the giant logistics company, was hit with ransomware attacks not just once, but twice, the incidents occurring within three months of each other.

In February, 1,000 of Toll’s servers became infected with the MailTo( Netwalker ) ransomware variant. This effectively shut down their supply chain, interrupting deliveries and services across the country. While it was discovered that no personal details had been leaked, it still had a chokehold effect on the business.

The second ransomware attack saw them fall victim to a different ransomware strain, known as Nefilim. This attack allowed the perpetrators to access a Toll corporate server, from where they were able to steal information about commercial agreements, and staff information.

We’ll help you stay protected against cyber security threats in 2021

GPK Group provides cyber security services to Brisbane businesses, to ensure you remain safe and protected against the rising risk of cyber attack.

Get in touch with us today for a free, no-obligation IT security discussion. We’ll talk about your current systems, and discuss how our robust cyber security solutions ensure your business remains safe in 2021—and help keep you out of this list for 2022.