Q&A - Cyber Risks

All systems, including both Mac and Windows, are vulnerable to threats and exploits. Macs have enjoyed fewer security issues for a number of reasons, including hardware, software design and simply being comparatively harder to attack than Windows. A variety of cyber risks are not necessarily device dependent, such as social engineering attacks like phishing, where cyber criminals deceive you into taking action. More important than the specific hardware is ensuring that you are using a good firewall and endpoint antivirus protection, and that you keep all software and operating systems up to date.

Cloud products can have markedly different security, so it’s hard to lump them all together. Larger Cloud providers generally have greater resources to apply to security than individuals or small organisations, so you can often enjoy very good security at an economy of scale. If you are considering using Cloud storage on a daily basis, there are a few elements to bear in mind, e.g. the internet speed required (and any increased costs), reliance on an external dependency, and the introduction of a single point of failure such as your internet uplink. There are also data management considerations, such as how and when you have access to your data, how privacy will be enforced, and what happens to your data if the agreement is terminated (e.g. exit strategy and business continuity planning). RACGP has some good advice on Cloud at http://www.racgp.org.au/digital-business-kit/cloud-computing/

This is a complex topic to discuss as there are many dimensions. Typically, when we talk about encryption we are talking about encrypting ‘data at rest’ and ‘data in transit’. Encryption of ‘data at rest’ would normally be achieved by your storage software or hardware, such as your backup software or secure portable drive. Encryption of ‘data in transit’ is normally achieved by ensuring that HTTPS (SSL/TLS) is used. If you see the closed padlock icon in your browser toolbar, then you can generally trust that data sent to that particular website is being ‘encrypted in transit’. A very simple and effective way to encrypt small amounts of data is to use the ‘password’ feature of your preferred Zip utility, e.g. WinZip. Placing files in a password-protected Zip file means they are securely encrypted, both at rest and in transit. Just remember not to send the password in the same email as the Zip file! A good approach is to send the Zip file by email and the password by SMS. Also, remember to use a strong password.
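A check to run before emailing a password-protected Zip file, given here as an added example that is not part of the original Q&A: Zip utilities can protect entries with either the legacy "ZipCrypto" scheme, which is weak, or AES, and this Python script reads the archive metadata to report which one each file uses. The function names and the sample archive are constructed for illustration; the sample carries encryption markers only and its contents are not really encrypted.

```python
import io
import struct
import zipfile

AES_METHOD = 99          # compression method that marks WinZip AES entries
AES_EXTRA_ID = 0x9901    # extra-field ID that carries the AES parameters
AES_BITS = {1: 128, 2: 192, 3: 256}

def classify(info):
    """Return 'none', 'zipcrypto' or 'aes-<bits>' for one archive entry."""
    if not info.flag_bits & 0x1:          # flag bit 0 set = entry is encrypted
        return "none"
    if info.compress_type != AES_METHOD:
        return "zipcrypto"                # legacy password scheme
    extra, pos = info.extra, 0
    while pos + 4 <= len(extra):          # walk the (id, size, data) records
        field_id, size = struct.unpack_from("<HH", extra, pos)
        if field_id == AES_EXTRA_ID and size >= 7 and pos + 4 + size <= len(extra):
            return "aes-%s" % AES_BITS.get(extra[pos + 8], "unknown")
        pos += 4 + size
    return "aes-unknown"

def audit(archive):
    """Map every member name to its encryption scheme (metadata only)."""
    with zipfile.ZipFile(archive) as zf:
        return {i.filename: classify(i) for i in zf.infolist()}

def constructed_sample():
    """Constructed archive: three entries whose directory records are patched."""
    buf = io.BytesIO()
    aes = zipfile.ZipInfo("aes.txt")
    aes.extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 0)
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("plain.txt", "x")
        zf.writestr("legacy.txt", "x")
        zf.writestr(aes, "x")
    raw = bytearray(buf.getvalue())
    pos = raw.find(b"PK\x01\x02")         # first central-directory record
    for flags, method in ((0, 0), (1, 0), (1, AES_METHOD)):
        struct.pack_into("<HH", raw, pos + 8, flags, method)
        pos = raw.find(b"PK\x01\x02", pos + 4)
    return io.BytesIO(bytes(raw))

if __name__ == "__main__":
    for name, scheme in audit(constructed_sample()).items():
        print(name, scheme)
```

Pass a real file path to audit() in place of the sample; any entry reported as 'none' or 'zipcrypto' should be re-created with the utility's AES option before it is sent.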

This depends on the legal jurisdiction in which the provider operates. Providers operating under Australian law have an obligation under the Australian Privacy Principles to disclose the location where data is stored. As good as that sounds, however, it may actually be very hard to discern what data is stored where, i.e. it is very common for businesses to store the bulk of customer data within Australia but also engage one or two overseas data services for other operational purposes. With recent significant industry investment in Australian data centres, there are now a plethora of good Cloud services operating within Australian data locations and jurisdiction, and most will make an effort to make this clear in order to differentiate themselves in the market.

That statement would be generally true of certain Cloud services provided by reputable service providers. A good way to think of Cloud is that you are running your software on someone else's computer rather than your own, and you access it via the internet. There are both good and bad Cloud services, and you need to do your homework to understand the benefits and risks. RACGP has some good advice on Cloud at http://www.racgp.org.au/digital-business-kit/cloud-computing/

This is a difficult question. Industry experts consistently advise that you should not pay, as it would legitimise and prolong this kind of criminal activity. However, the decision is much harder when your own critical data is at risk. Payment is not a guarantee of data recovery; however, many do pay and many do recover their data. Surprising as it sounds, it is in the interests of ransomware criminals to build trust and protect their reputation, and they do this by honouring payments. If you have not already been attacked, then your focus should be entirely on ensuring you maintain regular and recent backups of your core data. In this way you will never have to make the decision of whether to pay or not. Paying the ransom may or may not get your data back; successfully restoring from backup definitely will.

No protection systems are perfect; they do, however, significantly lower your risk. An arms race is ongoing between hackers and the groups that defend against them, and in many regards they have created a perfect environment for the creation of ‘super bugs’. Traditional anti-virus software detects threats by checking against a huge list of known threats, kind of like keeping all the photos of known criminals at airport security. This fails to detect new threats until they have been discovered and added to the list. So-called “next-generation” anti-virus software attempts a more behavioural approach, based on threat activity rather than appearance. If you are not satisfied with the performance of your anti-virus, then consider changing it or running multiple solutions. Remember that you need to combine a good firewall with good anti-virus software and, if possible, add additional endpoint protection, e.g. anti-malware. Advanced systems offer intrusion prevention, sandboxing, etc., which can be quite complex topics in their own right. If you are very concerned and have sufficient resources at your disposal, then consider a Unified Threat Management (UTM) solution, e.g. search on Google for ‘unified threat protection’.