Optus Network Outage and How it Affects Business Operations

Optus Network Outage and How it Affects Business Operations

Recently, the second-largest network carrier in Australia—Optus—had a major outage that affected over 10 million users, including businesses across Australia. But why is it alarming? In this blog, we will discuss the major effects that it caused and how businesses can prepare in times of incidents like this. 

Communication breakdown

Businesses heavily rely on a stable and reliable network to carry out their day-to-day operations. With communication problems, it will be hard for an organisation to operate and support their teams. On the customer side, this could be a frustrating moment and could lead to damaging the company’s reputation. 

Financial consequences

The outage interrupted almost all access for transport, healthcare, and even online transactions. This leaves e-commerce websites on freeze as they can’t process orders, leading to a loss in sales. 

Arising security risks

While some people are getting helpless with this problem, the attackers find it the perfect time to get on the line. With so many phishing reports claiming to be from Optus, the company has sent a warning to all its users that they are not sending any messages that contain links to resolve the problem. 

This type of attack can easily make people fall for the attacker’s trick if they aren’t vigilant enough. 

Long-term impact

Following the network outage, Optus has proposed solutions to make it up to all its user types. However, a lot of businesses have to deal with long-term consequences and work harder to fully recover and prepare for this type of problem. 

Secure your business with IT experts.

This incident only proves how a network outage can drastically affect businesses and disrupt their operations. To mitigate the threats posed by network outages, it is vital to have robust backup, disaster recovery plans, and security measures in place. 

At Geelong Technology Group, we provide comprehensive IT solutions for your business, such as a strong backup system and managed IT services to mitigate loss and damages caused by tech problems such as network outages. Give us a call at (03) 5244 3030. 

5 Steps to Strengthen Cyber Security

5 Steps to Strengthen Cyber Security

Cyber security in data management becomes more vital as it involves every record of the whole organization that may be sensitive or confidential. A breach of this information has consequences, including financial losses, reputational damage, and the risk of upholding customers’ trust.  

 

Hackers are just around the corner!

In a nutshell, cyber security, or IT security, plays an important role in every business. It protects the organization and employees from cyber threats such as hacking, malicious software, and ransomware attacks. These days, hackers have also changed their approach, increasingly targeting staff & exploiting human error. Make sure to protect your people so they won’t be the next target as cyber scam victims.  

 

It only takes ONE wrong click. 

Allowing your employees to identify common cyber threats by conducting regular cybersecurity awareness training will help not just the people in the organization but the business in the long run.  

 

Update your anti-virus protection. 

A common lag in your business computer might be a warning sign of weak anti-virus protection, putting your information at risk. Make sure your gadgets are regularly checked and that you have a reliable anti-virus program installed. Consider partnering with an experienced IT team that works with a leading provider of cybersecurity solutions in the digital realm. 

 

Implement strong Password management. 

Having a strong and unique password prevents unauthorized access to sensitive data, financial information, or personal details associated with other accounts. Always keep in mind that passwords must be changed regularly, treated like your own, and be two-factor enabled.  

 

Backup your data 

Backing up business data on a regular basis is a must, especially if your information is confidential. A secure cloud storage service can be of great assistance in ensuring that your data isn’t going anywhere in case of loss due to cyberattacks or natural incidents.  

 

At Geelong Technology, we build IT systems that suit your application by sourcing high-quality components from these reputable manufacturers:  

Take the first step to protect your businessContact Geelong’s data security experts. 

Remember, cybersecurity is an ongoing effort. Stay informed about emerging threats and evolving best practices to continuously improve your defenses. Consider working with trusted IT experts in Geelong that can offer you a complete security awareness solution to test, train, measure, and reduce human risk.  

 

📞 1300 GET GTG (1300 438 484) 

📧 mailto:support@geelongtechnology.com.au 

📍 166 Francis St, Belmont. 

safe travel and device protection

Top tech tips for safe travel

Overseas travel on the cards? Lucky you! (Can we come?!) Seriously though, if you’re heading overseas, or even just interstate, now is the time to think about the safe travel and security of your devices and data. Now. Not when you have a spare five minutes in the café at the airport. And definitely not when you’re opening your suitcase at the hotel, hoping you packed the right charger.

Getting ready for safe travel

Make savvy device decisions

The more devices you have with you, the greater the possibility that something will get lost, stolen or maliciously accessed. If, for instance, you know you’ll mostly just be checking your emails, opt to do so on your phone and leave your laptop securely at home.

Protect your devices

Device protection comes in many guises, both virtual and physical:

  • Ensure your devices are locked with a pin number or fingerprint ID.
  • Install antivirus and anti-malware protections – or ensure your current protections are fully up to date. The same goes for a VPN. And make sure your operating system is up to date while you’re at it.
  • Before you travel, change all of the passwords you regularly use and, where possible, enable two-factor or multi-factor authentication.
  • Make sure your ‘Find My iPhone’ (Apple) or ‘Find my Device’ (Android) application is toggled on and ready for action – should it be needed!
  • If your tech is particularly precious, consider purchasing an anti-theft bag – there are various options now available that are not only RFID safe, but also have slash-proof materials that guard against cut-and-run thieves. Some even come with built-in power banks to keep you charged on the go.

Check your power

Speaking of power banks – make sure you have one! Read on to find out why, but in the meantime, also ensure you’ve got the cords you need, and consider purchasing a multi-charger for charging various devices at one time.

When you’re on the road

Charge your device securely

Be mindful that USB chargers at airports, hotels and other public places cannot be trusted. Hackers can use these potential ‘juice-jacking’ ports to steal your data when you plug in. This is where your trusty power bank comes in (see above) – to keep you charged until you can access a direct-power (AC) outlet.

Lock your device

Yes – it may seem simple, but make sure to always lock your device when you are not using it. That way if you do accidentally leave it in a café, you won’t come back to discover the barista inverting your colours or toggling your animation settings.

Avoid public wi-fi usage

Logging on via an unsecured network can be an invitation to cyber criminals to access your data. It is best practice to turn off automatic wi-fi and Bluetooth connections so your device will not automatically connect to (or send your data over) unsecured networks. And if you don’t have a choice but to log in publicly, make sure your VPN is up and running and keep your sensitive data as safe as possible.

Scan your device

Regularly scan your devices for viruses or malware while you’re travelling. If something has inadvertently slipped through your security net, the quicker you get onto the issue, the better.

Contact the Geelong technology experts

If you have any questions about ensuring safe travel with your tech, need antivirus advice or support, or just need a better laptop, tablet or phone to take with you – give Geelong Technology Group a call. Our experienced technicians and retail staff are here to help, with advice and support for Geelong and Bellarine Peninsula homes and businesses. 

 

️ 1300 GET GTG (1300 438 484)

📧 support@geelongtechnology.com.au

📍 166 Francis St, Belmont

Social Engineering

What is social engineering? The psychology of phishing, smishing and scareware

When it comes to the security of our computers and online devices, what we often think of first is keeping them free of insidious viruses – throwing up firewalls and ensuring our anti-virus protection is bang up to date. Unfortunately, those protections can be quite easily overcome by one small vulnerability – human psychology.

Social engineering: a definition

Social engineering is the process of manipulating people in order to obtain confidential information or to trick users into making security mistakes. The term is used to cover a broad range of malicious activities from phishing, smishing, vishing (voice phishing) and scareware, to deceptions such as the ‘honey trap’ (whereby attackers pretend to be romantically interested in the victim) and the well-known ‘Nigerian prince just briefly needs your bank account’ scam.

Social engineering: how does it work?

When it comes to cyber-security, people are often the weakest link in the security chain, with the unpredictability of mistakes made by users making them harder to identify and avoid. It is much easier, for example, to pretend to be a company tech support agent and fool a user into giving up their password than it is to hack that same password (unless, of course, the password is password1!)

Social engineering attacks happen in one or more steps. Particularly when it comes to business attacks, a hacker may first investigate their target to gather background information, such as weak security protocols or potential points of entry. They will then move to gain the victim’s trust and to provide motivation for the user to give up information or to grant access to business resources.

Social engineering: what are a hacker’s motivational methods?

Knowing your Psychology 101 is a good way to avoid being scammed, as social engineering relies almost exclusively on what are known as the ‘principles of influence’ (a theory established by psychologist and professor Robert Cialdini in 1984). These methods of influence include:

 

Authority – whereby an attacker poses as someone ‘in charge’, requesting (ordering!) compliance.

Consensus – influencing users by convincing them that this is ‘what everybody else is doing’.

Familiarity – after all, if you receive an email from a friend, surely the link they have provided is legitimate?!

Intimidation – whereby the attack comes with a threat of negative consequences should the request not be granted.

Scarcity – ‘Only five left!’ or ‘While supplies last!’, which goes hand in hand with:

Urgency – ‘Act now or it will be too late!’

 

Note that scarcity and urgency often both relate to that little human tendency towards greed – many of us don’t want to miss out on something great, which can lead us to clicking first and thinking (and possibly regretting) later.  

Defending against social engineering attacks

When it comes to protecting your business and safeguarding against malicious social-engineering attacks, your defence should be four-pronged:

  1. Ensure the lines of communication within the company are open and positive. If an employee believes that an attack has occurred due to their inadvertent error, the first thing you want them to do is report it – not hide it away in fear of reprisal.
  2. Train your staff to recognise the various methods of influence and to always think, check and double check before providing sensitive information. Cybersecurity staff awareness is key!
  3. Test the effectiveness of your training (yes, you can do some phishing yourself to check if you catch anything!) and redeploy the training often to ensure it is always fresh in the minds of your employees.
  4. Close your protection circle by also implementing cybersecurity measures – this will not only limit the number of attacks getting through to your staff, but can also help to minimise any damage caused by a successful attack.

Call Geelong’s cybersecurity experts 

Servicing Geelong, the Bellarine Peninsula, the Surf Coast and surrounding regions, Geelong Technology Group helps small and medium businesses succeed by supporting and managing their IT requirements. Armed with the latest social-engineering information, we can not only assist your business with security awareness, we can also implement comprehensive cybersecurity solutions, ensuring your important business information is cybersecure.

Give us a call today to find out more on 1300 GET GTG (1300 438 484) or stop by our showroom at 166 Francis St, Belmont.

computer_cookies_what_are_they

HTTP cookies, web cookies, internet cookies, browser cookies: What are computer cookies?

They don’t involve raisins or chocolate chips, but they are bite-sized: the computer version of cookies might not be as tempting as the IRL version, but can certainly come in handy. Essentially, computer cookies are small slices of information that enable convenient and personalised web browsing. These small packets of data are generated by a web server and sent to a web browser that stores the cookies for a predetermined period of time. 

What are computer cookies used for?

Generally, cookies are there for web-browsing benefits (although they do also free up storage space on servers). They are used for:

  • Session management to ‘remember’ individual login information and user actions or preferences.
  • Personalisation to customise a user’s experience, often through targeted advertising.
  • Tracking within shopping sites to track items that users view (or have viewed previously) and to record items in a shopping cart while a user browses further. Without these cookies, every time you visited a new page within a site, your shopping cart would revert to ‘empty’.

Different types of HTTP cookies 

Get to know your main two types of cyber-world cookies:

Session Cookies

These computer cookies are short-lived. They last just for the period of time that you are navigating a website – once you exit a site, the session cookie is deleted. These particular cookies are only ever stored in Random Access Memory, never written to the hard drive.

Persistent Cookies

Rather than expiring when a website is exited or a browser closed, longer-lasting cookies – or persistent cookies – expire only after a specified length of time or after a specified date. These cookies are used for two main purposes – authentication and tracking.

  • Authentication cookies help manage user sessions by tracking when a user logs in and under what name. They can also ensure that the correct user information is delivered to the correct user.
  • Tracking cookies log multiple visits to a site over time – building up a picture of a user based on what they browse when they return to a site. This information can be used for targeted advertising, but can also help users by retaining details such as log-in credentials.

Managing your computer cookies (and any cookie concerns)

Computer cookies consist of information that is sent out and back without being changed. This unaltered data cannot infect your computer with viruses or malware. Unfortunately, some internet nasties may be disguised as cookies (known as ‘super cookies’ – which many browsers will be able to block). Some cyberattacks can hijack cookies, enabling access to a user’s browsing sessions.

Cookies are an optional part of your internet experience. However, banning all cookies may make some websites difficult to navigate. Different browsers store their cookies in different places, but all will allow you to remove cookies already stored. Plus, allow you to choose how future cookies are collected or stored. (Generally, the cookie section of a browser is found under Settings > Privacy.)

Choose Geelong’s IT experts for your internet security

Regardless of how you manage and govern cookies, it’s best to remain vigilant and clean up your cookies regularly. If you are concerned about your online security when it comes utilising cookies, or if you’re not 100% confident regarding the online security of your business, Geelong Technology Group is here to help.

With our extensive experience and comprehensive cybersecurity solutions, we can assess your current situation and recommend actions to ensure your business is safeguarded against cyber threats in the future, so get in contact today. 

1300 GET GTG (1300 438 484)

📍 166 Francis Street, Belmont

smishing

What is smishing? SMS phishing attacks and protection tips

When it comes to cybercrime, there’s always something new on the horizon, hoping to catch us unawares. One of the latest is ‘smishing’ or SMS phishing. It’s fast becoming an ever-increasing problem for both individuals and businesses.

 

Definition of smishing

SMS phishing is essentially a form of phishing attack undertaken through text or SMS messages. The messages often contain an urgent notification regarding banking or courier services or an offer for a free product. They aim to manipulate people into turning over sensitive data such as bank account details, credit card numbers, account passwords, or access to a business’ computer systems.

 

How does smishing work?

Smishing works much like email phishing. It uses social-engineering tactics to appeal to our desire to have things work smoothly (Oh no! There’s a problem with my bank account!), to help others (A message from a bushfire relief charity? Sure, I’ll help out!) or to help ourselves (Eighty percent off a new phone? Heck, yeah!). Unfortunately, because text messages seem more personal,  we may be more likely to click a link in an SMS than we would nowadays in an email.

Utilising trust (scammers pose as legitimate organisations), context (lots of people are expecting packages around Christmas, for instance), and emotion (we must act now!), cybercriminals write messages that will generate action. In this case, the clicking of a link within the text message. This malicious link may either trick you into downloading malware onto your phone that then masquerades as a legitimate app (into which you enter your personal details) or takes you to a fake site, again requesting your sensitive data. These apps and websites are often well disguised and look ‘legitimate’, tricking the unwary.

 

How can we avoid smishing attacks?

As more and more mobile phones are used for work, SMS phishing has become not only a consumer threat, but also a business threat. Avoiding smishing attacks is paramount. But how do we do this? First, we need to lose any false confidence we have in text message safety – smartphone security DOES have its limitations, and CAN be compromised. 

So, the best way to remain safe? Follow the golden rule and do nothing. That is, always err on the side of caution and don’t click on links in text messages.

Of course, sometimes we may have clicked a link in a hurry or in error, and some messages may include legitimate links, so how can we manage the risk?

  • If you have clicked on a link that you now believe may be suspect, DO NOT give any personal details.
  • If you believe it may be a legitimate message, but you’re not sure, navigate to the official business webpage via a separate browser or call the company using a number that you look up independently of the text message. (And remember, legitimate institutions are extremely unlikely to request login information or account updates via SMS.)
  • Don’t reply to messages that look suspect, even to text ‘Stop’ – this will indicate your number is active and may prompt further smishing attempts.
  • Only ever download apps from an official app store.
  • Utilise multi-factor authentication (MFA) wherever possible. A password inadvertently provided via a phishing attempt may still be useless to a cybercriminal if the second level of verification/authentication is required.
  • Report possible smishing attempts to the ACCC Scamwatch.

 

Need more information?

At Geelong Technology Group, our experienced IT professionals are here to help you avoid smishing messages, phishing emails, and other cyber-related scams or attacks. Helping homes and businesses in Geelong, the Bellarine Peninsula, the Surf Coast, and surrounding regions with their online security is what we love to do, so give us a call today on 1300 GET GTG (1300 438 484) or drop into our showroom at 166 Francis Street, Belmont.