Case study: Queensland business under cyber attack

From Michelle Cross, Elders Insurance Mackay
This is the true story from the owner of a 5-person accounting practice in regional Queensland.

 An email was received from Australia Post. We had been struggling with our local post office not delivering parcels or mail so thought nothing of it. The email was forwarded to my admin staff to ring the local post office however, before ringing, my admin person clicked on the link to find out about the parcel. The next thing we know, things started to disappear.

She shut down her computer and restarted it and, in the meantime, I get a phone call from another staff member who works remotely that she cannot open her Outlook. When the staff member who had shut down her computer restarted it, we were confronted with “You have been Cryptolocked and you must pay us so much money to obtain your files”.

This happened in the space of half an hour first thing in the morning.

We rang our local computer tech, who dropped everything and came to us. We thought we would be ok as we have a backup but because this attack happened when we were in the process of backing up, our backup was infected as well.

My business was virtually nonexistent for the whole day. This was August, one of our busiest times of year. I had to keep my business going but you can imagine we had nothing – no calendar, no Microsoft templates, letters, we didn’t know who was coming in for appointments and of course, no access to our accounting programs.

I rang the police and they advised that I could pay the ransom, which did not guarantee me getting my files, or wipe my computers and start again. After trying to pay the ransom unsuccessfully due to the requirement that the ransom be paid in bitcoin (which I knew nothing about), at 7pm that night the decision was made that we had to wipe our computers and start again. The last standalone backup I had of my software had been done on the 1st of July due to rolling over all my clients, so you can imagine we had lost almost 7 weeks’ worth of work. However, we bit the bullet and did it.

The cost to my business has been ongoing over the last 9 months, just in hardware and services it has cost me over $10,000. The actual cost to my fees is in the vicinity of $20,000. We still have ongoing problems, which attracts another fee. The ATO advised we should have just gotten rid of the computers completely as the virus still lives even after it has been wiped – if I had the finances to do this, I would have.

I would suggest that when you are renewing any businesses policy, that you ask your client if they want cyber insurance as it would have saved me a lot of heartache and money.