Skip to main content

The ransomware industry is prospering well. Some websites help people with very little computer knowledge, for a fee, to develop ransomware attacks.  These websites have different business models such as Software as a service (where the buyer pays a fixed price), affiliate model (in which the agent identifies a vulnerable computer network, and the website will attack, get the money through ransomware and share commission).  Organisations of all sizes, industries, and sectors are targets for such attacks. 

Cybersecurity specialists recommend many measures to put in place to defend our computer networks from attacks.  All of them cost money. As organisations with limited funds, we must evaluate which security vulnerabilities we can live with and which ones we must protect ourselves against. 

Australian Signals Directorate (ASD) recommends eight practices to protect against cyber-attacks. This is the minimum standard. If we cannot put all eight in place, then we must focus on at least the top four.   

Explanation of The Top 4: 

  1. Application whitelisting is allowing computer users to operate only authorised applications.  

2 and 3: Application providers and the operating system providers release patches to fix vulnerabilities they discover. These patches MUST be applied. 

  1. It is not sufficient to restrict who has Admin (administrative) permissions. We should ensure that someone cannot hack the admin accounts easily

If you’d like to find out more or contact Digital Armour about their services please click here

Jane Ferrier