MailGuard Partners Blog

It’s one of the most contentious topics facing businesses and cybersecurity professionals at the moment: Should ransomware payments be illegal? 

The verdict is in, most industry experts and business leaders agree that Government contractors should be legally accountable for not meeting cybersecurity standards. A somewhat harsh stance perhaps, or simply being cruel to be kind? For partners, the approach could have serious ramifications.    

Ransomware attacks are impacting businesses every 11 seconds. That’s a staggering statistic for a threat that is all too real and wreaking havoc on companies' longevity, operations, and reputation. In Australia, the ACSC observed a 15% increase in ransomware attacks in the last year alone, whilst globally, losses from ransomware are projected to reach $US20 billion. This unfortunate global trend has called for urgent action from both the public and private sectors as we work together to combat this ominous threat.  

Every day we read of yet another business being compromised in the news, and we know that so many more incidents are unreported. The big incidents, like Kaseya and Colonial Pipeline, are only the tip of the iceberg. So, it concerns me that there isn’t more urgency to boost cyber security for business. And more specifically, with 9 out of ten cyber-attacks starting with email, do businesses know they can be doing more to keep their teams safe?

The spectre of cybercrime continues to loom large over businesses globally. The Australian Cyber Security Centre (ACSC) released its Annual Cyber Threat Report in September, offering comprehensive, yet alarming, insights into the threat landscape facing Australian businesses. As a trusted advisor to your customers, it’s a must read for MailGuard partners. We share some highlights below, and a link to the full report.

As we pulled the curtain on 2020, counting our losses from events that none had foreseen, with global geopolitical tensions rising, and in the wake of a global health emergency the likes of which we had never experienced, in COVID-19. It forced workforces across the globe to shift to hybrid or remote working and reflected in the IC3 2020 report summarizing the impact on U.S. citizens from cybercrime, citing “a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion.” Saying “This represents a 69% increase in total complaints from 2019. Business E-mail Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million. The number of ransomware incidents also continues to rise, with 2,474 incidents reported in 2020.”

We all use passwords. In fact, we need them to access almost any online device. They are the key to retrieving sensitive data, whether it be online banking, classified company documents or social profiles, such as LinkedIn. They’re the first line of defense to protect crucial information, and often the most vulnerable. It’s not surprising then, that cybercriminals often create phishing scams to steal password credentials in order to procure data for use in criminal activity.

To pay or not to pay? On the surface it may appear to be a relatively straightforward question, however, in reality, the answer is not so simple (particularly if we dig a little deeper). Amidst the plethora of information and advice offered by Governments, cybersecurity professionals and industry experts around the world, there is one thing that we seem to all agree upon: the answer to this critical question is not one-dimensional, whatever your viewpoint may be. Every incident is different because every company has its own unique set of challenges and priorities to consider.

Your customers' business data is being held hostage, encrypted with only their attackers holding the keys. So, should they pay up the ransom, or try to recover without handing over company profits to cybercriminals?