Ransomware is a form of malware or computer virus that demands a ransom from its target – and unfortunately for everyone but the cyber criminals – it’s impact is increasing – both in New Zealand, and around the world.

In the past, the cyber criminals behind ransomware might block access to your data if you didn’t pay up. Though with a recent enough backup you could avoid paying the ransom. In recent months however, the ransoms have shot through the roof and some cyber criminals will release your private data to the world  if you refuse to pay the ransom in the timeframe they demand.

Most ransomware victims are small businesses with it recently suggested that 1 in 5 small businesses have been hit. So why are so many organisations getting hit with ransomware? I think it comes down to apathy, there’s a feeling that “it won’t happen to us” within a lot of firms who refuse to invest in cyber security. It reminds of the early days of PCs and Macs, most people didn’t back up their data. But slowly that changed as everyone had an incident where they something important, and from that point on, they started taking backups seriously.

When I first started raising concerns about Ransomware publicly about 7 years ago, most organisations that were hit would receive a ransom demand of perhaps a few hundred dollars. In recent months those paying ransoms have seen their average pay out pass $180,000. This is around 10 times what it was at the beginning of 2019.

Add to that examples, such as ExecuPharm – who had their confidential and private data leaked to the internet (everything from emails, to drivers license numbers and credit card details) following a ransomware attack and the impact of getting hit be cyber criminals is getting nastier by the day.

What should a Small Business in New Zealand do?

If you’re not sure how secure your organisation is then now might be exactly the time to get a Cyber Security audit so you can minimise the risks. In the immediate term, have your IT team review:

  • Security surrounding any remote access to your network
  • How up-to-date your software is
  • Your password security (is anybody using the same password on more than one system?) and use of multifactor authentication (much the same as what your bank demands)

If you’re not sure of your security state, then consider investing in Cyber Security audit – a basic cyber security audit can run as low as $1500 for a small business in New Zealand.