Blog

Your organisation’s brand and reputation are its most important assets – and if your servers fall victim to a successful phishing attempt, those assets can be severely compromised. In addition, you may well have legal obligations regarding the security and privacy of your customers’ personal and financial information.

Even with the best security, there are ways someone with malicious intent might access your account. And once an account has been compromised, the data in that account is lost – and the account typically becomes the gateway for a hacker to jump from account to account within your organisation. It can also become a portal for them to reach your customers, vendors and partners as well.

Cloud-based solutions, while inexpensive and convenient, are often more vulnerable because all a hacker needs is someone’s credentials to break in. Phishing attacks have recently moved from using “paypal-like” spoofs to mimicking common SaaS services such as Dropbox, Gmail, and business social media such as LinkedIn. They will create message that look exactly like these services and send them to your employees, luring them in to what appear to be legitimate login landing pages. And then once in, they often have access to entire suites of connected services (such as Office 365).

In some cases, the takeover is completely looped – when a suspicious email is received and the receiver does not respond but creates a new email to ask “did you send me X?” and a human is at the other end, ready to reply “yes, I sent you that file about the meeting we had” or some other plausible, genuine-sounding response. It is easy to see how even a careful, security-conscious user might be tricked.

So what do you do if you discover you or your organisation is the victim of a phishing attack? Immediately changing user names and passwords for any compromised access is a first step. You should not be using the same password for other applications – but many people do, so make sure you and your employees change any passwords that might have been the same. Common targets are email and social media networks, so it’s important to change those as well.

Immediately scan the system and all devices for malware, and take steps to remedy any you find. Also, if any credit card information may have been compromised (such as the account billing credit card if you experience a SaaS attack), contact your financial institution immediately to cancel the card and alert them to any possible fraudulent charges.

If there is any possibility of customer data having been compromised, you may have legal and notification obligations. If you are unsure, below are the entities StaySafeOnline.gov.au recommends you contact:

• The business advisory service run by your local council or state or territory government
• The Office of the Australian Information Commissioner – www.oaic.gov.au
• The Office of the eSafety Commissioner – www.esafety.gov.au
• Your relevant industry or member association
• iDcare (iDcare.org) also works with organisations of all sizes to make sure they know what to do if customer details are digitally or physically stolen. They can provide “best practice” recommendations and support for your particular situation.

Of course, the best case scenario is to avoid a phishing attack altogether. With Blutone Technologies, your system is monitored 24/7 for potentially malicious login attempts, and you are notified immediately if anything is compromised. Give us a call today and find out how you can get the peace of mind you need, knowing your system and business reputation is secure.

It’s important to take preventative action to stop cyber-security incidents from occurring. But realistically, many individuals and companies will find themselves under attack by hackers and subjected to other threats. Don’t wait until something happens to make a plan for how to respond and limit the damage. The stress of the attack itself will push you into hasty actions that may actually make the situation worse.

Give yourself some peace of mind and create an incident response plan that answers these questions:

• What is your threat environment? How likely are you to experience an incident? What is the possible severity? Be sure to consider industry-specific threats, your third party networks, at-home workers who may be working on less secure devices, and what type of data your company collects and stores.
• What are your key assets? Identify your mission-critical systems and most important data. What would the effect be of losing any of them?
• What is the plan for each major incident type? Different incidents have different responses – a loss of personnel data vs. a ransomware attack vs. a breach of customer payment information, for example. What are the response objectives and timetable for each?
• Who’s in charge? All parties – management, IT and line staff – need to understand the chain of command. Who makes what type of decisions? What is the involvement of senior management? Management responsibilities and staff.
• Who are your resources? Include key contacts with third party providers, local or home office workers. Create checklists and guides for staff and management to use during the incident response.
• Who needs to know? Senior management, Board members, suppliers, external agencies and third party providers may all feel the impact of your incident. Be sure you understand under what circumstances you need to alert the Australian Cyber Security Centre
• What about the public? How will you communicate with your customers or clients? Who will be your spokesperson if the media is involved? These are key questions, because damage to your reputation can be far greater than the cost of the incident itself.
• When do you need to practise and update the plan? Create a schedule for reviewing your plan periodically to make sure it takes changes in the threat environment or organisation into account. Larger organisations are advised to review every three months; a smaller organisation perhaps every six months.
• What else needs to be considered? Legal exposure? Impact of each type of incident across the rest of the business team (not just the technology department)?

When an incident occurs, it is critical to document all incident details and your response actions. This will not only protect your reputation and limit potential liability, it will offer insights into what can be done in the future to avoid a cyber-security incident.

With a well-planned response protocol in place, recovery time and the effects of the incident are decreased recovery time. As always, being fully prepared is your best defense – and prevention is better than reaction. Blutone Technologies is here to make sure your systems are protected and your data secured. Get in touch today and find out how we can safeguard your business.

You have so many business challenges – product development, sales, marketing, finances – and you don’t need to add spam, viruses and ransomware. Investment in your cybersecurity infrastructure is a smart way to protect your business from malicious online attacks.

Here are some of the risks to your business and steps you can take to mitigate them:

• Software viruses: Viruses, spyware and other malicious software or malicious code (malware) can stop your computer working properly, delete or corrupt your files, steal information, or allow others to access your computer and your business information.
• Data loss: Malicious actors use a variety of means to block or erase your data – and it can happen without warning. Your data stored on servers, computers, phones, tablets… it can all be gone in the blink of an eye. Protect your data with a continuous back-up plan that offers you the ability to restore your data at any time you need.
• System hacking: Strong firewalls discourage hackers and inhibit the ability of malware and viruses to reach your data.
• Identity theft: Create a password and PIN strategy to ensure your system is only accessed by authorized users. With regular changes and randomly generated passwords and PINs, you can more effectively protect your data.
• Point-Of-Sale (POS) breach: POS is a very attractive target for criminals due to the prospect of gathering payment information from a variety of your customers. Ensure all your POS options have up-to-date virus protection and limited administrator access.
• Lack of security training: Lack of awareness is the chief facilitator of cyber attacks. Make sure you and your employees understand security threats and know how to avoid them. One employee opening an infected, malicious attachment can bring down your whole system.

Blutone Technologies detects attempted breaches and risky content to avoid being infected, offers anti-virus software that monitors and protects all your data devices, ensures your system is as secure as possible and stores your complete back-up data. Our complete cybersecurity can serve any business – SOHO to enterprise. Make sure you and your clients are protected from viruses, malware and data breaches – get in touch with Blutone Technologies today.