Cyber attacks are becoming more common. Businesses that use Landonline should protect themselves from attack, take steps to ensure business continuity, and let us know about any incident.
Types of cyber attack
Two common types of attack are ransomware and malware attacks.
Malware is software designed to damage a computer system or access your data. Malware attacks often happen after a staff member unknowingly clicks on a malicious link in an email.
Ransomware is software that denies a user access to their files or computer system unless they pay a ransom. The first sign of a ransomware attack is often a message appearing on your screen saying that you need to pay a ransom to regain access to your system.
Protecting yourself and your business
You, your business and your staff can take steps to increase your cyber security:
- Educate yourself and your staff about cyber attacks and password security.
- Set up an air-gapped or offline backup process with your IT support and make sure the backups are suitable for a full restore.
- Set up multi-factor authentication for logging into all your devices.
- Make sure all systems and software, including antivirus software and operating systems, are up to date, and all software updates and patches are installed.
- Have a clear process to follow if you or your staff think a cyber attack has occurred.
Business continuity
It's important to set up business continuity systems to make sure your business can complete urgent transactions if you're the target of a cyber attack.
You may want to have a trusted external Landonline user with certify and sign rights, such as your Power of Attorney, associated with your account in advance. There is no charge for this – simply apply for multiple account association for your nominated people.
Multiple account association for Landonline users
What to do if you suspect you have been attacked
Take immediate action – even if you aren’t sure what has happened.
Take the affected device offline immediately
The faster you get the device offline, the more you can contain the spread of the malicious software.
Take the network cable out of your workstation and unplug your router. Repeat this for any other devices connected to the same network.
Notify Toitū Te Whenua LINZ
You need to notify Toitū Te Whenua of the incident so we can take measures to ensure your Landonline access remains secure.
Log an incident with CERT NZ
You should log an incident with CERT NZ:
- call 0800 CERT NZ, or
- Report on reporting form for businesses and individuals – CERT NZ.
CERT NZ strongly recommends that victims of a ransomware or malware attack don’t pay a ransom. There is no guarantee that you’ll get your data back and it could put you at risk of future attacks.
Get back online safely
After the attack your IT support or a reputable computer services company will need to get you back online safely.
- Restore the system from the most recent backup, or restore the computer to its factory settings and reinstall your operating system.
- Run full updates and security patching on all devices on your network before reconnecting to the internet.
- Check for any residual ransomware or malware on the computer. To see if the ransomware or malware that you were attacked with is still running an expert will need to look for indicators of compromise.
- Identify and install additional security protection measures if necessary. This may include improving the network border security, such as implementing an enterprise level router or firewall, introducing an air-gapped or offline backup, or adding to your vulnerability, antivirus and anti-malware protection.