It is imperative to ensure your Internet of Things (IoT) deployments are safe and secure from ransomware and cyber attacks. Improving responses to IoT cyber attacks can be as simple as implementing a few small changes in your cyber security measures.
According to Cybersecurity Ventures, an online cybercrime magazine, the latest prediction of global cybercrime will reach USD$10.5 trillion annually by 2025. Ransomware is expected to cost victims around USD$265 billion annually by 2031. Moreover, it is an over tenfold increase from the global ransomware damage cost prediction of $20 billion for 2021.
Why you may be a target of cyber attacks
Disrupted supply chains result in businesses losing revenue through production downtime. Moreover, the bigger the firm, the bigger its operations would be, leading to even bigger production downtime. Therefore, businesses will be more likely to pay the ransom to get their operations up and running. This is especially the case if their products and services are time-sensitive. Supply chain disruptions in large-scale businesses, such as the agricultural industry, manufacturing, and transport and logistic industries, would create massive production downtime. Thus, causing huge financial losses as well as affecting a variety of key stakeholders. Something that businesses would rather avoid, and something that cybercriminals are increasingly aware of.
According to the government’s cyber security agency, the Australian Cyber Security Centre (ACSC), there has been a 60% increase in ransomware attacks against Australian entities in the past year. Numerous ransomware attacks against Australian companies have occurred throughout 2020 and 2021. For example, some incidents include attacks against Toll Holdings in February and May of 2020, Nine Entertainment in March of 2021 and the largest meat supplier in Australia, JBS Foods in June 2021 that affected 47 facilities across Australia. In short, with more and more attacks occurring regularly, securing your Internet of Things deployment, and protecting yourself from ransomware has never been more important.
Global research and advisory company, Gartner, says that 90% of ransomware attacks are preventable. But to protect yourself from attacks, proactive steps must be taken to ensure your future is secure. In other words, do not wait until vulnerabilities are exposed before you act. It comes down to how well-equipped your systems and people are when they are threatened by ransomware attacks.
How to protect yourself from cyber threats
Regardless of the size of your operations and budget, one of the most effective ways to defend yourself against ransomware threats is to train your staff. As a result, training staff to detect phishing emails and how to react to them can reduce ransomware threats. In addition, remember that it is a continuous process as cyber criminals are persistent and will make numerous attempts to tap into your organisation. Human error is the key vulnerability in cyber threats aside from infrastructure. Protect your business by implementing staff training to prevent human errors.
Furthermore, one often overlooked aspect of cyber security in a business is its investment in IT systems and infrastructure. For instance, technology and cyber attacks are evolving at such a rapid pace. Moreover, systems that could have protected you one year ago may no longer be sufficient to protect you today. Protect yourself from IoT cyber attacks by constantly re-evaluating, upgrading, and keeping informed on potential threats.
For bigger business operations
Essential Eight can be a good starting point to protecting your business. It can protect organisations from IoT cyber attacks and security threats by implementing mitigation strategies. Customise the strategies based on your organisation’s risk profile and threat levels with strategies covering prevention, minimisation, and recovery.
Cyber threats are continuing to rise. Reduce the risk your organisation faces by complying with the Essential Eight strategies. You and your staff will also be able to respond to threats with smart cyber security strategies to protect your data.
The Essential Eight strategies:
- Prevent cyber attacks
- Limit impact from cyber attacks
- Support data and systems recovery after a breach or natural disaster
The Essential Eight Strategies
Mitigation strategies to prevent malware deliver and execution:
- Application whitelisting
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
Mitigation strategies to limit the extent of cyber security incidents
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
Mitigation strategies to recover data and system availability
Tips for smaller business operations
For smaller business operations, consider following the tips set out in the Small Business Cyber Security Guide, available from the Australian Cyber Security Centre. The guide explains that while you must be aware of phishing scams, they come in more forms than just an email. These scams are becoming increasingly sophisticated and harder to spot, and can come in the form of emails, SMS, social media, and instant messaging. The guide highlights points that you should be cautious of:
Requests for money, especially if urgent or overdue
Requests to confirm logins details
Ensure that all operating systems and software are constantly up to date, and always backup your business data. Turn on or set up auto-update, especially for your operating system and your anti-virus software. By doing so, devices are kept up to date with the latest online security protection, and enhanced efficiencies for your device and programs. Don’t forget to switch on auto-backups so that your data and information saves automatically without you having to save it manually. The guide recommends safely disconnecting and removing backup storage devices after each backup. Thus, IoT cyber attacks will not impact the backup device.
Complete the form to learn how to protect your business from cyber attacks
Does your business need a cyber security update? Complete the form to access the ACSC Small Business Cyber Security Guide.