All businesses are at risk of cybersecurity threats, not just large-scale enterprises. For small businesses in particular, the risk of cybercrime from a computer virus, malware or ransomware is very real, given that many don’t have dedicated IT support services in place.
In the year ending June 2021, the Australian Cyber Security Centre (ACSC) recorded cybercrime losses to Australian businesses of $33 billion. It’s critical as a business to understand the risk, and to take steps to protect yourself, your employees and your business data.
What’s the difference between a computer virus and malware?
These terms are often used interchangeably, but malware is the catch-all name for any kind of malicious software that tries to insert itself into a computer or network to gain malicious control or cause damage. A computer virus is a type of malware.
Malware is goal-oriented, and will generally seek to achieve the following objectives:
- Gain control over computers in order to launch network denial-of-service (DoS) attacks
- Infect user devices to use them for the attackers’ own purposes (such as mining cryptocurrency)
- Steal financial data and sensitive access details
- Facilitate identity theft, by tricking users into submitting personal data such as bank and social media logins
- Push advertising (think pop-ups!) which, while they may be only irritating, can be very hard to remove
What are the common types of malware?
A computer virus is a type of malware; it’s malicious code that’s designed to spread and alter how your computer works by corrupting, destroying or stealing your data. A computer virus can often be attached to a legitimate document or program on a removable drive or in an email.
Common types of viruses include:
- An executable file infector (.exe file) on a Windows PC that digs into other files to spread, much like how a flu virus spreads through humans. When you run the program, it causes the virus to spread and infect any other computers or devices on the same network
- A macro virus, which can be found in Excel and Word documents attached to a spam email, or sent as a zip attachment
Spyware are software programs that work by stealth. They run undetected in the background; observing, collecting and stealing data, while continuing to spread to connected devices through networks, removable media and internet connections.
Ransomware, by comparison, is designed not to steal your business data, but to hold you to ransom over its ownership and access. A business that’s under a ransomware attack will find its data encrypted, and the attacker will attempt to force you to pay to have it unencrypted.
The ACSC reported a 15% increase in ransomware attacks in Australia in the period July 2020 to June 2021, and an average of one ransomware report received every day in that same period.
How do I recognise a computer virus?
Some of the common signs that one of your business computers is infected with a computer virus is:
- Changes to your website home page; you may notice your home page has been reset to another website (and you may not be able to reset it)
- Unfamiliar programs have started launching on start up
- Password changes or prompts pop up that weren’t made by you or an employee
- Bulk emails have been sent from an email account that you or an employee didn’t send
- The computer in question is unusually slow or frequently crashes
- You notice pop-up windows have started appearing frequently
There are many types of computer viruses, and you’ll need an experienced IT support professional to diagnose and rid the infected computer of the virus quickly, before it spreads to other networked devices.
How can I protect my business from a computer virus and malware?
There are a number of key steps you can take to protect your business from a computer virus and malware:
- Ensure that every computer and device that’s attached to or accesses your network has up-to-date antivirus software installed on it
- Protect your network at every point with firewalls and strong password protection such as multi-factor authentication
- Have regular back-ups of your data (more than weekly or monthly!) stored off site and off the network. This provides a safe copy of your data, should your business be impacted by a virus, malware or ransomware
- Implement access control and administrative privileges on your data, to restrict who in the company can access what’s on your network – files, folders, applications, email, accounts, databases and network settings
- Educate your team members on cybersecurity risk, including what phishing emails and spam look like, and how to check an email is legitimate before opening links and file attachments
What’s the real risk to my business?
No business is too small to be targeted by cybercriminals and hackers. These days, many attacks are automated, and designed to target hundreds or thousands of businesses simultaneously. Business size is no protection; in fact, small businesses can be a much more attractive and easier target, given that many may have less robust digital protection, resources and awareness in place.
If your business is too small to warrant the cost of hiring a dedicated in-house IT and cybersecurity professional, your best solution is to use experienced third-party IT support.
Protect your business with expert IT services
Here at SouthEast IT, we can help by setting up the network and device security you need to protect your business from cybercrime, computer viruses and malware. We can provide secure off-site data backups, and help with disaster recovery planning to ensure business continuity. Don’t wait until it’s too late – even a small computer virus can cause irreparable damage to your business data and hardware assets.
Need help with protecting your business from cybersecurity risk?
SouthEast IT provides expert IT support and best practice advice on how to protect your business from cybersecurity risk, including computer viruses, malware and ransomware. Call us today to find out more – we’re always here to help.