The discovery of the world’s first piece of ‘ransomware’ aimed at Apple computers should be a warning to North East business owners of the threat that ‘cyber blackmail’ could pose to their operations.That’s the view of Paul Holborow, head of the specialist technology support division of RMT Accountants & Business Advisors, after the announcement by Californian technology security firm Palo Alto Networks that they had identified the first malware programme to specifically target OS X machines.
Ransomware works by uploading a piece of software onto a business’s computer network, often through an innocent-looking email attachment on which a recipient unwittingly clicks or via a weak spot in the system that is being used, which locks users out of their files by encrypting them.
The criminals behind the attack then make a demand for payment for removing the programme, with the online currency Bitcoin often used for processing this to ensure the criminals’ anonymity.
In June last year, the US FBI announced that it had been contacted by almost 1,000 victims of a ransomware scheme called CryptoWall who has sustained combined losses of more than $18m.
Paul Holborow is now advising all companies to review their online security provisions, regardless of what operating systems they use, and to ensure their employees are adopting safe working practices when it comes to their use of business technology.
He says: “Cyber security issues pose a real threat to owner-managed businesses across the North East, and it’s no underestimation to say that the impact of these cyber attacks can be bad enough to put companies out of business permanently.
“If you are unfortunate enough to be hit by a ransomware attack through an infected email attachment, this can, depending on the attack, cause havoc with your data and productivity.
“You might not need to pay the ransom if you have good backups and continuity plans, but you are likely to incur considerable costs for the technical support required to put everything right again.
“Until now, ransomware has only been aimed at Windows PCs and mobile platforms, and it has become a very successful way for criminals to extort money from businesses, but the KeRanger programme that’s now attacking Apple machines shows that their attentions are now also turning elsewhere.”
Recent industry research found that almost two thirds (63%) of small businesses suffered a malware infection in 2015, compared to 45% the year before, while the number that had suffered online attacks by ‘unauthorised outsiders’ has risen from 33% to 38% over the same period.
Paul Holborow continues: “Cyber attacks have both a direct business impact on costs and productivity, and potentially a longer-term indirect impact on reputation, regulatory compliance and financial performance, which can be significantly more damaging.
“The Government’s Cyber Essentials programme can give businesses some support in preparing to address their cyber security provisions, but it’s really up to individual companies and their management teams to try to ensure that not just their staff, but their customers and suppliers are taking this issue seriously enough.
“Taking a proactive approach to using and managing businesses technologies, making sure staff are fully aware of the risks they could face at any point and keeping anti virus provisions up to date is absolutely essential in protecting SMEs from the potentially substantial impact of ransomware and other cyber attacks on their long-term viability.”