How to recover your business' reputation following a cyber attack (and why you'll need to kn
“The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow.”
This is the opening line of the Australian Government’s Cyber Security Centre Threat Report for 2015 – and it’s matched by the opinions of cyber experts around the world: attacks are only going to get more frequent and more costly.
Only earlier this month we saw ISIS take credit for the hack and release of personal details of hundreds of Australian military, political and diplomatic personnel.
One of the most prevalent and costly forms of attack recently is a type of malware called ‘ransomware’. This is a virus that encrypts all your data and files (everything from personal information to clients' confidential files) and demands you pay a hefty ransom for data decryption. Victim companies’ in-house IT boffins haven’t been able to combat this threat so far.
In 2014, one strand of this ransomware, ‘CryptoLock’ attacked more than 1.05 million computers and 60% of these were in Australia (according to Websense's ThreatSeeker). Some reports (see Trend Micro 2015 Threat Report) estimate Australia's national loss to cyber security incidents at $17 billion in 2014 - this places Australia second only to the US in ransomware detections.
In a recent Computerworld article, Websense engineering manager Bradley Anstis, said the focus on Australia is due to our low level of cyber security awareness.
How to help prevent it
The vast majority of advice focuses on educating employees and consumers about best practice in avoiding cyber attacks.
The firsts task is to counter the attitude that ‘it won’t happen to me’ or ‘I know how to spot a spam email’ because – as Dell Software MD Ian Hodge demonstrates – cyber criminals are getting smarter and are using official looking templates. An example of this is the recent (and very effective) campaign that imitated the Australian Federal Police.
Looking for more technical advice? The Australian Signals Directorate (ASD) recently released their top four strategies in mitigating cybercrime risks.
Regardless of how technically prepared you might be, cyber crime is a reality in the 21st Century, so it is essential to plan how your business will recover its reputation if the worst occurs.
Assuming you've already mobilised your in-house or outsourced IT gurus to take care of the technical recovery, you should also consider reporting the attack to CERT, the national Computer Emergency Response Team working under the Attorney General's department. CERT is the point of contact for Australian businesses experiencing cybercrime. To report an incident:
Call the Hotline on 1300 172 499, or
You should also report the incident to local law enforcement via the Australian Cybercrime Online Reporting Network. Both these organisations will not only investigate the incident but provide you with further advice to help recover your business.
Communicating with your stakeholders
Updating all of your relevant stakeholders should be one of your next steps. This includes notifications to groups like staff, suppliers and consumers, so they're aware of the situation, understand what you're doing to resolve it, and what you need them to do while you’re resolving it.
As always, we recommend following the Briggs Communications crisis message model in your immediate response:
Establish the facts
What we know
What we don't know
What we are doing
What we want you (the community) to do
It seems obvious, but keeping your stakeholders informed about what’s happening and what you are doing to resolve the issue (including how you intend to prevent it from happening again) is crucial to maintain their confidence in your business and your ability to handle critical incidents.
A communication strategy based on honesty and transparency almost always outweighs any alternatives in the long term.
What we can do to help
We can provide pre-written templates and adaptable strategies for you and your staff to follow and use if you fall victim to a cyber crime, or a suite of other critical incidents.
If you want to prepare your business, or have any questions, call or email us today.