NZ dental franchise nearly destroyed by employee's internet use.
If you run a business, you’d be excused for thinking you’re safe from online thieves, scams and hackers. I mean, who’d want to target little old New Zealand?
The truth is, lots of people target New Zealand and it’s costing Kiwi businesses millions of dollars every year and rising.
A New Zealand dental franchise recently found out the hard way after they fell victim to one of the many successful cyber attacks on Kiwi businesses in pursuit of financial gain.
One of the biggest weak points businesses have is in ensuring their staff are using the internet safely and not randomly clicking on unknown links.
Read on to find out how an employee's internet use nearly destroyed the whole business, and how to stop it from happening to you.
The scam.
An employee in the Accounts department of a well-known Kiwi dental franchise was checking her work emails when an innocent-looking email came through requesting payment for an invoice.
As you can see, the email looks very believable and like a standard email sent from widely used accounting software Xero. Unfortunately, in this case the blue ‘View invoice’ button linked to a form of downloadable malware.
Malware is a piece of software which causes harm to your computer. There are several types of malware which can infect your computer in many different ways.
Some will steal all of your information, some will allow someone else to remotely control your computer without your knowledge and some will destroy information. Others will even allow people to spy on you, such as by watching through your web cam, listening to you, recording your online activity etc.
The damage.
In this particular case, the malware was a type called ransomware. As the name suggests, it’s typically used by online thieves who threaten to publish the stolen data or perpetually block access to it unless a ransom is paid.
The ransomware locked the employee’s computer, including all of their files. Unfortunately, because the computer was operating on the work network, the ransomware was able to spread to all of her colleagues' computers too. This meant the entire Accounts department were locked out and denied access to their files, accounts, invoices, payment history and more.
At this point, the criminals demanded a sizable ransom in order to unlock the Accounts department computers.
Ransomware increased globally by 715% in 2020. It's a trend that is continuing to grow, becoming more prevalent, dangerous and costly to businesses.
The solution.
Regardless of how big or small your business is, it's important to have a daily backup of all of your files and data. That way, if your business does get attacked by ransomware, you can easily reinstall all of your information without having to pay a ransom.
A simple method is to download your data onto a portable hard-drive each day, however, it’s much safer to implement an automated system which takes daily backups without any user intervention. These days, there are numerous ways to securely back up your data in a cost-effective manner.
You’ll also need to regularly check that the backups are running successfully and that your backed up data and files are easily available, to avoid discovering during an emergency that you can’t actually access them.
This is where using a provider like Swerve is a much smarter option, and surprisingly inexpensive overall. You'll find the costs will far outweigh the cost to your business of being unable to operate for several days.
Depending on your particular business, a server replication can also be implemented as an additional solution. While a data backup saves files and information from your computer, a server replication takes that a step further and backs up all the software you use as well.
This means that if your system does go down, you won’t need to spend extra hours, or days, reinstalling all of your data and software that is specific to your business.
For the affected dental franchise, we set up server replication on top of their existing daily backups. We also set up firewalls between each of the departments of the business. This meant that if one department went down, it wouldn’t impact any other departments within the business, so the company could continue to run while we reinstated the affected department’s information.
The results.
Just a month after we implemented the above change, another member of the Accounts department from the dental franchise unintentionally clicked on a ransomware link.
With the protection put in place, the team was back up and running within a couple of hours, without disrupting the rest of the business. Most importantly, they didn't lose any data or money in the process.
This saved them thousands of dollars, as well as the associated panic and headaches.
Protecting yourself and your business.
You can easily find out if your business is vulnerable to these types of scams or attacks. Take this short, simple test to check whether you and your business are protected - just click the button to get started.
Many Kiwi businesses are unprepared when it comes to securing themselves from online theft. Most companies believe that having a dedicated IT consultant, or having their online systems set up professionally, means they're automatically safe. Unfortunately, this isn’t the case.
At Swerve, we hate seeing New Zealand businesses getting scammed and that's why we've set up user-friendly, easy to implement processes, which help to secure and protect your livelihood and business.
Our systems help to reduce the chance of human error when operating online. Whether it’s safeguarding your accounts team, setting up simple security systems, or familiarising your team with correct online policies and training.
Do you want to safeguard your business and reduce the risk caused by online thieves, scammers and hackers?
Book your free business security audit with us today by clicking the button below.