ransomware

Feb 13

Cybersecurity in PNG: Why Your Business Can’t Afford to Wait

By Steve Percy Network Security, PNG, Superfast IT Networks No Comments

In January 2025, Papua New Guinea’s Internal Revenue Commission was hit by a cyberattack that shut down its entire tax administration system for nearly two weeks. Phones went dead. Emails stopped. Sensitive financial data belonging to businesses across the country was potentially exposed.

It wasn’t a one-off. In 2021, PNG’s Department of Finance was crippled by ransomware. In February 2025, the Bank of PNG suffered its own cyber incident. And just weeks ago, Samoa’s Computer Emergency Response Team formally warned the Pacific region about APT40—a Chinese state-backed hacking group actively targeting Pacific Island networks.

This is the reality of doing business in PNG in 2025.

The Region Is Under Attack

The Asia-Pacific region now attracts more cyberattacks than anywhere else on earth—34% of all global incidents in 2024, according to IBM’s X-Force Threat Intelligence Index. Ransomware, business email compromise, phishing, and state-sponsored espionage are all rising sharply.

For PNG businesses, this isn’t background noise. It’s your operating environment.

The Threats You Need to Know

Ransomware is the most destructive. Attackers encrypt your data and demand payment to restore it—often after stealing it first. The average recovery cost globally now exceeds $4.9 million, excluding the ransom itself. Recovery takes weeks. Some businesses never fully recover.

Business Email Compromise (BEC) is the most financially damaging scam targeting businesses today. Attackers impersonate a CEO, supplier, or finance contact and redirect payments. No malware needed—just a convincing email. The FBI estimates BEC has caused over $50 billion in global losses.

Phishing remains the most common entry point for attacks. One click on a malicious link can hand attackers the keys to your entire network. In PNG’s mobile-heavy, social media-driven business culture, the risk is amplified.

Why PNG Businesses Are Especially at Risk

Three factors make PNG businesses more vulnerable than most:

Infrastructure constraints- Intermittent connectivity and bandwidth limitations mean security patches get skipped, cloud-based protections don’t always work reliably, and incident response takes far longer than it should.

Limited local expertise- Qualified cybersecurity professionals are scarce in PNG. When something goes wrong, getting the right help quickly is difficult—and attackers know it.

The “too small to target” myth- Automated tools scan the entire internet continuously, looking for vulnerable systems. Your size doesn’t protect you. A Cisco study found that 56% of Asia-Pacific SMBs experienced a cyber incident in the past year. Of those, 75% lost customer data.

What's Changing

PNG launched its National Cyber Security Strategy in 2024. Data protection regulations are tightening. Businesses that handle customer data, financial records, or government contracts will increasingly be expected to demonstrate minimum security standards.

Getting ahead of this isn’t just about compliance—it’s about protecting your business, your customers, and your reputation.

Where to Start

Most successful cyberattacks exploit a small set of basic vulnerabilities: weak passwords, unpatched software, untrained staff, and no backup plan. Fixing these doesn’t require a massive budget. It requires a structured approach and the right guidance.

The businesses that fare best aren’t necessarily the ones with the biggest IT departments. They’re the ones that take cybersecurity seriously before an incident forces them to.

Papua New Guinea’s digital economy is growing. So is the threat. The question is whether your business is keeping pace.

Ready to Take Action?

Sprint Networks is hosting SecurePNG—a practical, hands-on cybersecurity workshop designed specifically for PNG business owners and IT managers.

You’ll walk away knowing exactly where your business is exposed and what to do about it.

Register for the SecurePNG Workshop →

Seats are limited. Don’t wait for an incident to force your hand.

Jul 30

Twenty Things For Ransomware Protection

By Sprint Networks Network Security No Comments

We are at an especially vulnerable moment in our transition to a digital economy. As mentioned in the last blog, Australia government has an announcement on cybersecurity issues recently happened. It points out an interesting point that the biggest problem is the human factor, especially when it comes to ransomware. It becomes very critical that each organization needs to take steps to protect the network or network attached elements.

While each corporation has its own network environment, without talking about too much details, here are 20 things from Fortinet experts that any organisation can begin to implement today to reduce their risk from ransomware and other advanced threats.

1. Wherever possible, patch and update operating systems, devices, and software. Make this a priority for your remote workers – especially those using personal devices to connect to the corporate network.

2. For devices that can’t be patched, ensure that appropriate proximity controls and alerts are in place.

3. Make sure that all endpoint devices have advanced security installed, such as anti-exploit and EDR solutions.

4. Also make sure that access controls, such as multifactor authentication and even Network Access Control solutions are in place

5. Use NAC to inspect and block bring-your-own-devices that do not meet security policy

6. Segment your network into security zones to prevent the spread of infection and tie access controls to dynamic segmentation.

7. Use inventory tools and IOC lists to prioritize which of your assets are at the most risk.

8. Update your network IPS signatures, as well as device antivirus and anti-malware tools.

9. Back-up systems and then store those backups offline – along with any devices and software you may need in the event of a network recovery.

10. Make sure that ransomware recovery is part of your BCDR, Identify your recovery team, run drills, and pre-assign responsibilities so systems can be restored quickly in the event of a successful breach.

11. Update your email and web security gateways to check and filter out email attachments, websites, and files for malware.

12. Make sure that CDR (content disarm and recovery) solutions are in place to deactivate malicious attachments.

13. Use a sandbox to discover, execute, and analyze new or unrecognized files, documents, or programs in a safe environment.

14. Block advertisements and social media sites that have no business relevance

15. Use zero-trust network access that includes virus assessments so users can’t infect business-critical applications, data, or services

16. Use application whitelisting to prevent unauthorized applications from being downloaded or run.

17. Prevent unauthorized SaaS applications with a CASB solution.

18. Use forensic analysis tools to identify where an infection came from, how long it has been in your environment, ensure you have removed all of it from every device, and ensure it doesn’t come back

19. Plan around the weakest link in your security system – the people who use your devices and applications. Training is essential but limited. Proper tools, such as secure email gateways, for example, can eliminate most if not all phishing emails and malicious attachments.

20. Leverage people, technology, and processes to quickly gather threat intelligence about active attacks on your networks and act on it, using automation where possible. This is crucial to stopping an advanced attack in its tracks.

Make your network intelligent against threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.