A gym with close to 1,000 clients was recently hit by a ransomware attack.
The manager had bought some equipment and soon after received an email claiming there was an outstanding invoice with a PDF invoice attached.
The manager tried to open the attached PDF but nothing happened, and carried on working.
When he went back to the computer to access the document, the files were all locked, and a pop-up ransom notice appeared, demanding payment to unlock the files.
The attachment was a ransomware file that had infected the computer when it had been clicked on.
The gym had not backed up or stored their data and so lost all their client records. To recover, the gym had to start from scratch to rebuild records while maintaining day-to-day operations like classes and personal training.
CERT NZ advised the gym to secure its systems by backing up all data regularly and installing antivirus software.
This case is included in the second quarter report of CERT NZ, and highlights the rising costs to enterprises from cybersecurity incidents.
Financial losses reported between 1 April and 30 June were $6.5 million, up from the $1.7 million reported in the previous quarter. Of the 1197 cyber reports during the second quarter this year, 21 per cent reported some type of loss.
“It’s evident that cyber incidents can result in financial loss,” says CERT NZ director Rob Pope.
“However, losing money is not the only impact businesses and individuals experience. Cyber incidents can also result in other types of loss like data, reputational and operational.”
Rise of ransomware
The report for the second quarter of the year highlights a 38 per cent increase in ransomware attacks from the previous three months.
CERT NZ says ransomware incidents have remained steady since 2017, making up 2 to 3 per cent of total reports received. This quarter, CERT says it has received 22 ransomware reports.
The attacks are mainly targeted at businesses, through email attachments or out-of-date software vulnerabilities.
Small businesses are increasingly experiencing the impacts of ransomware attacks, and the consequences are not always financial, says CERT NZ.
The gym, for instance, faced a reputational risk. The manager informed clients of the incident and that their files had been lost.
CERT NZ strongly recommends not paying the ransom as it does not guarantee files will be recovered. It advises organisations to protect themselves from ransomware by:
Keeping their operating system and apps up-to-date: Update to new versions when they’re available. You can set this up to happen automatically with major operating systems like Windows and MacOS, and common applications like Office.
Making sure they back up their files regularly: You can use an external hard drive or cloud service. This includes the files on your computers, phones and any other devices.
Installing antivirus software: Running antivirus software and updating it regularly helps keep your device safe.