Waikato DHB cyber attack a timely reminder for small businesses

Waikato DHB cyber attack a timely reminder for small businesses

The recent cyber-attack on the Waikato DHB is another timely reminder to make sure you’re protected so something similar doesn’t happen to your business. Our cyber expert Steve Dymond shares his key takeaways from this event.

The Waikato DHB attack is a disturbing progression for the cybercrime landscape – locking down and holding to ransom such an important piece of infrastructure obviously presents itself as a veritable ‘crown jewels’ for cyber criminals. 

But the ethical lines - which I think we all hoped would be out there - are getting blurrier all the time. It was only a few weeks ago that we saw a major attack on a US fuel pipeline, which has caused immense damage over there.
 
My key takeaway from reading about this event is disaster recovery and business continuity, and how important it is test your disaster recovery or business continuity plans as much as possible so you know exactly how long it should take to get your networks and services back online in case of the worst-case scenario. 

It’s being drummed into us that it’s a matter of ‘when’ not ‘if’ when it comes to cyber-attacks, so we all need to prepare for the worst. I’m sure Waikato are doing all they can to get everything back up and running. Even as a small business though – how long is okay to be ‘down’? Have you tested your disaster recovery process in its entirety? These are questions SMEs should be asking themselves in the light of what’s happening around us. 

In addition to having a plan for when things go wrong, check out these top tips that you can check now, yes right now, to help keep your business safe from attack:

  1. Install software updates as soon as they’re available – these often fix security vulnerabilities 
  2. Implement two-factor authentication – which means anyone who logs into your system will need to provide something else on top of their username and password to verify who they say they are
  3. Back up your data – make sure you have a backup or a copy so you can restore data if it’s compromised in any way
  4. Set up logs – can help show you when an incident may be about to occur or when an incident has occurred e.g from an unknown IP address
  5. Create a plan for when things go wrong – this will help you take control of a situation and reduce the impact on your business 
  6. Update your default credentials – these are login details that give the user administrator-level access to a product, and should only be used for the initial setup, then changed afterwards
  7. Choose the right cloud services for your business – before you commit to a certain provider, make sure they can give you the services and protection you need
  8. Only collect the data you really need – the more you collect, the more valuable it is to an attacker
  9. Secure your devices – enable anti-malware software on any device that accesses your business data or systems. This prevents viruses and ransomware from being downloaded
  10. Secure your network – by using a firewall or proxy
  11. Manually check financial details – manually check any fishy looking business transactions e.g by phone. This will help prevent online fraud and scams. 
     

For further information, read the full list of tips for businesses on the CERT NZ website.
 

General Advice Warning


The information provided is to be regarded as general advice. Whilst we may have collected risk information, your personal objectives, needs or financial situations were not taken into account when preparing this information. We recommend that you consider the suitability of this general advice, in respect of your objectives, financial situation and needs before acting on it. You should obtain and consider the relevant product disclosure statement before making any decision to purchase this financial product.
 

Business Interruption Insurance

Business Interruption Insurance

From your family and employees to customers and suppliers, there are a lot of people who depend on your business opening its doors each day.

Cyber Insurance

Cyber Insurance

Technology has never been so deeply entwined in our businesses. While it delivers significant efficiencies and convenience, it also comes with significant cyber risks.

Find your local Insurance Adviser

Talk to your local Adviser about your insurance needs and to get a quote