Australian businesses have been urged to recognise the significant level of ransomware threat from cyber adversaries. Scamwatch has received over 3,900 scam reports mentioning the coronavirus with over $3.1 million in reported losses since the outbreak of COVID-19. Ransomware acts as a method of extortion, locking a computer’s content and displaying a message requiring victims to pay a ransom in order for them to regain access. The emails delivering ransomware to victims often mirror the branding of trusted and reputable corporations as part of their techniques.
Why are businesses vulnerable now more than ever?
With lockdown restrictions, Australians are relying on the internet more than ever before. Residents are compelled to shop online, while employees have adopted a new way of working, from home. Cybercriminals are using the pandemic to their advantage by preying on the fears and susceptibility of the population. As people begin to use new online services, there’s a learning curve as they may be unfamiliar with different privacy settings, leaving themselves unprotected to an attacker. With screen time increasing during the lockdown period, so does the size of information available to cybercriminals.
How to reduce the cybercrime risk to your company
- Train your employees on security measures: It’s essential to implement the right security protocols that mitigate most of the risk. Employee training in this area should be a key priority for business owners. Well-informed workers make it difficult for scammers to gain unauthorized access to networks, files and information.
- Update your company’s operating systems and software regularly: Necessary remote work security practices include two-factor authentication, implementing a zero-trust network strategy and using an operating system that is secure by design. Each employee’s operating systems and software should be updated as frequently as possible.
- Use encryption for sensitive data and information: With the rise in employees working away from the office, communication of sensitive information is frequently occurring through email and phone. Companies should use full-disk encryption to protect computers, tablets, and smartphones of employees, saving a copy of the encryption password in a secure location separate from stored backups. A crucial note is that email recipients typically need the same encryption password in order to decrypt and access the information. You should never send the password or key in the same email as the encrypted document. Instead, give this to employees via a phone call or some other method.
Staying up to date with recent scams
You can access the most recent scams impacting business through the Scamwatch website. Businesses can also sign up to the ACCC’s Small Business Information Network to receive emails about new or updated resources and scams relevant to the small business sector. You can find more information on what to keep an eye out for and how to prevent cyber security threats here.
Cyber insurance acts as a safety net should your business be impacted by a cyber-attack or data breach. Western General Insurance has access to policies that can include business interruption loss due to a network security failure or attack, human errors, or programming errors, as well as liability arising from failure to maintain confidentiality of data.
To find out more or get a quote, contact us.
As our trusted clients, we wanted to make you well-aware of recent changes regarding COVID-19. As of 28th July 2020, Victorian employers are now required to notify WorkSafe immediately when they become aware that a worker has received a confirmed coronavirus (COVID-19) diagnosis. More precisely, an employer must notify WorkSafe as soon as they become alert that:
- An employee, contractor, or an employee of a contractor has received a confirmed diagnosis of COVID-19; AND
- The individual has attended the employer’s workplace in the 14-day period prior to the onset of symptoms or the confirmed diagnosis, whichever occurs first.
Self-employed persons are also required to notify WorkSafe under the regulations. This regulation will remain in place for the next 12 months.
The change comes into place under the Occupational Health and Safety Act and aims to assist WorkSafe to reduce the risks to health and safety in the workplace that are arising from COVID-19. We are now aware of high importance of timely notification of a worker that has tested positive, therefore the effective management of health and safety risks is critical.
Potential breaches of this employer duty will be swiftly investigated to ensure compliance. Failing to notify WorkSafe under section 38 of the OHS Act can lead to fines of up to $39,652 (240 penalty units) for an individual or $198,264 (1200 penalty units) for a body corporate.
What employers should do now
Victorian employers should review their incident notification policies to ensure that any COVID-19 case is reported to WorkSafe Victoria. You should also take hands-on action to remind workers of your companies COVID-19 Plan, policies and procedures, including:
- Requiring workers to notify you if they have tested positive for COVID-19;
- Directing workers to stay home if they are sick or displaying symptoms;
- Instructing workers to notify you if they have been in close contact with a person who has had COVID-19;
Training workers on the use of PPE and appropriate hygiene measures;
With the steep rise in remote working, introduction in new health measures and economic stimulus all related to COVID-19, we’ve seen increased cyber risk incidents.
As part of our pledge to ensure that all of our clients are up to date with correct information, we want to notify you of how we are responding as a business and an industry to the impacts of the coronavirus.
In many parts of the world, robots have already hit the fields behind the wheel of autonomous farming vehicles. Driverless machines are taking over a multitude of tasks such as spraying, planting, ploughing and harvesting as farmers worldwide find ways to make the technology work for them.
Being prepared for a bushfire will help save lives, save buildings, and help keep destruction to a minimum. Ensuring that you have enough insurance to cover any damages or losses from a bushfire can also form part of your survival plan - knowing that you can rebuild will be a huge weight lifted should anything happen to your property.
We've all heard stories about insurance claims not being paid out based on a technicality or some minor detail, and it always seems to be at the worst time in someone's life. An unexpected disaster resulting in injury or damage to your property can be stressful at the best of times, but imagine not being insured enough to cover the cost of the most basic of repairs let alone sufficient to rebuild if required.
Cyber security is growing risk in Australia, particularly for small businesses. According to a 2019 report, cyber criminals have shifted their focus, targeting more small businesses, resulting in a 424% increase in breaches from 2017.
According to an article published by Grain Central, the 2019 GrainGrowers Multi-Peril Crop Insurance (MPCI) report found that the Australian multi-peril crop insurance and drought insurance market is in disarray with providers exiting the market and a lack of products.
Just 10 years ago less than 1% of small to medium enterprises (SMEs) had any type of financial lines insurance. These days, and with more and more companies facing litigation in connection with management risks and exposures, management liability insurance is now considered a ‘must have’ for Australian businesses.