If your Perth business has never been hit by malware, count yourself lucky — not immune. In 2026, Australian small and medium businesses are being targeted more than ever, and malware (including trojans) remains the primary weapon cybercriminals use to steal data, extort money and cripple operations.
The good news: most successful malware attacks are preventable. They rely on predictable weaknesses — unpatched software, weak passwords, absent email filters and staff who haven't been trained to spot a phishing email. This guide gives you 10 practical, proven steps to significantly reduce your exposure, explained in plain English with no unnecessary jargon.
The Australian Cyber Security Centre (ACSC) received over 94,000 cybercrime reports in its most recent annual report — one every 6 minutes. Western Australian businesses are not exempt. If you're not actively defending your network, you're a target.
What Exactly Are Malware and Trojans?
Before we cover how to stop them, it helps to know what you're dealing with.
Malware is a catch-all term for malicious software designed to damage, disrupt or gain unauthorised access to computer systems. It includes:
- Viruses — self-replicating code that attaches to legitimate files and spreads across systems.
- Ransomware — encrypts your files and demands payment for the decryption key. One of the most financially devastating threats for Perth businesses.
- Spyware — silently collects sensitive information (passwords, banking details, keystrokes) and sends it to attackers.
- Adware — injects unwanted advertisements and can redirect browsers to malicious sites.
- Worms — spread across networks without user interaction, exploiting vulnerabilities in unpatched systems.
A trojan (trojan horse) is malware that disguises itself as legitimate software — a free utility, a fake invoice attachment, a pirated application — to trick users into willingly installing it. Once inside, a trojan can:
- Create a backdoor for remote attackers to access your systems at will.
- Download additional malware, including ransomware.
- Steal credentials, financial data and client information.
- Enlist your machines into a botnet used for attacking others.
Unlike viruses, trojans don't replicate themselves — they rely on human error to spread. This makes them harder to catch with traditional antivirus tools and means staff education is one of your most effective defences.
How Do Perth Businesses Get Infected?
Understanding the attack vectors is the first step in closing them off. These are the most common ways malware reaches a Perth business network:
- Phishing emails — Malicious attachments (PDFs, Word docs, ZIP files) or links to fake login pages. Often crafted to look like ATO notices, Australia Post delivery alerts, or supplier invoices.
- Drive-by downloads — Visiting a compromised website silently downloads malware without any user interaction, exploiting vulnerabilities in unpatched browsers or plugins.
- Infected USB drives — A USB left in a car park or sent via mail can auto-run malware when plugged into a work computer.
- Remote Desktop Protocol (RDP) attacks — Brute-forcing weak RDP credentials to gain direct access to servers and deploy ransomware.
- Software supply chain attacks — Legitimate software updates are compromised by attackers to deliver malware to thousands of businesses simultaneously.
- Compromised credentials — Stolen or reused passwords (often from previous data breaches) are used to log in to cloud services and plant malware.
Warning Signs Your Business May Be Infected
Malware is often designed to operate silently, but there are tell-tale signs to watch for:
- Computers are unusually slow, crashing more than normal, or overheating.
- Unknown processes running in Task Manager consuming high CPU or memory.
- Browser redirects to unfamiliar websites, or new toolbars you didn't install.
- Antivirus or Windows Defender has been disabled without your knowledge.
- Files have been renamed or encrypted and you're seeing ransom notes.
- Colleagues report receiving strange emails that appear to come from your address.
- Unexplained spikes in network traffic, especially outbound, at unusual hours.
- Staff can no longer access files or network shares they normally use.
Many malware infections operate silently for weeks or months before triggering their payload. Early detection depends on proactive monitoring — not waiting for something visible to go wrong.
10 Proven Steps to Protect Your Perth Business from Malware and Trojans
These steps follow the layered security approach recommended by the Australian Signals Directorate (ASD) and are achievable for businesses of all sizes.
Deploy Business-Grade Endpoint Detection and Response (EDR)
Consumer antivirus is not enough. Modern Endpoint Detection and Response (EDR) solutions go far beyond signature-based detection — they use behavioural analysis to catch zero-day threats and unknown malware variants in real time. For Perth businesses, solutions like Microsoft Defender for Business, SentinelOne or Sophos Intercept X provide the detection depth and automated response needed to contain threats before they spread across your network.
Enable Multi-Factor Authentication (MFA) on Every Account
MFA is the single most effective control you can deploy today. Even if an attacker steals a staff member's password — through phishing, a data breach or a keylogger — MFA blocks them from logging in without the second factor. Enable MFA immediately on Microsoft 365, Google Workspace, banking portals, remote access tools, and any cloud application your business uses. According to Microsoft, MFA blocks over 99.9% of account compromise attacks.
Keep All Software and Operating Systems Patched and Up to Date
Unpatched software is the primary entry point for worms, trojans and ransomware that exploit known vulnerabilities. This includes Windows, macOS, browsers, Microsoft Office, Adobe products, Java and any line-of-business applications your team uses. Establish a regular patching schedule — at minimum monthly, with critical security patches applied within 48 hours of release. Automated patch management tools can handle this without disrupting staff.
Implement Advanced Email Filtering
Since 94% of malware is delivered via email, your email gateway is your most important perimeter control. Standard spam filters are insufficient — you need advanced threat protection that sandboxes attachments, scans links at click time, impersonation detection and anti-spoofing controls. Microsoft Defender for Office 365 (Plan 1 or 2) or Mimecast are strong choices for Perth SMBs on Microsoft 365. Ensure SPF, DKIM and DMARC records are correctly configured for your domain to prevent spoofed emails from reaching your staff.
Deploy DNS Filtering to Block Malicious Websites
DNS filtering intercepts requests to known malicious domains before a connection is ever established — blocking drive-by downloads, malware command-and-control servers and phishing sites automatically. Solutions like Cisco Umbrella, Cloudflare Gateway or Microsoft Defender for Endpoint's web protection work at the network level, protecting all devices including those on remote or home networks. This is particularly important as Perth businesses increasingly operate across multiple sites and with remote workers.
Apply the Principle of Least Privilege to User Accounts
Most malware runs with the same permissions as the user who accidentally executed it. If a staff member has local administrator rights, malware can install itself, disable security tools and spread across the network far more effectively. Remove local admin rights from standard users. Create separate privileged accounts for IT administrative tasks. Ensure service accounts have only the permissions they need to function. This single change dramatically limits the blast radius of any malware infection.
Conduct Regular Staff Cybersecurity Awareness Training
Your staff are your last line of defence — and for trojans specifically, they're the primary attack target. Regular, engaging security awareness training teaches staff to recognise phishing emails, avoid suspicious downloads, handle USB devices safely, report suspicious activity quickly and follow secure password practices. Combine training with simulated phishing campaigns to measure vulnerability and reinforce learning. Even a one-hour training session per quarter can measurably reduce your click-through rate on phishing emails.
Maintain Tested, Offsite and Offline Backups
Backups are your safety net when everything else fails — but only if they actually work and can't be encrypted by ransomware alongside your live data. Follow the 3-2-1 backup rule: 3 copies of your data, on 2 different media types, with 1 stored offsite (or in immutable cloud storage). Critically, test your restores regularly — a backup you've never tested is not a backup. Ransomware specifically targets connected backup drives and mapped network shares, so ensure at least one copy is offline or using immutable storage that ransomware cannot reach.
Segment Your Network to Contain Spread
Network segmentation divides your IT environment into separate zones — keeping guest Wi-Fi separate from your business network, isolating point-of-sale systems, and separating servers from workstations. If malware does get onto one segment, segmentation limits its ability to spread laterally to other parts of your network. For Perth businesses with multiple locations or that accept guest Wi-Fi access, segmentation is especially important and is a core recommendation of the ASD Essential Eight framework.
Have a Written Incident Response Plan
When malware strikes, the decisions you make in the first hour determine whether you recover in days or weeks. A written Incident Response Plan tells your team exactly who to call, what to isolate, what not to do (e.g. don't reboot infected systems — it can destroy forensic evidence) and how to communicate with clients and authorities. Your plan should cover: containment, investigation, notification (including Notifiable Data Breaches obligations), recovery, and a post-incident review. Ask your IT provider to help you create and test one.
Quick Wins You Can Implement This Week
If the full 10-step list feels overwhelming, start here. These three actions deliver the highest impact for the least effort:
- Turn on MFA for Microsoft 365 or Google Workspace today. Takes under 30 minutes and immediately eliminates the majority of credential-based attacks.
- Run Windows Update and check for pending patches on all workstations. If any machines haven't been patched in 30+ days, prioritise them immediately.
- Send a quick all-staff reminder about phishing. Tell them to verify unexpected invoice emails by phone before clicking anything, and to forward suspicious emails to your IT team rather than clicking links.
Steps 1–6 and 8 in this guide directly align with the ASD Essential Eight mitigation strategies, which the Australian government recommends as the baseline for all Australian organisations. Read our ASD Essential Eight plain-English guide for Perth SMBs for more detail.
What to Do If Your Perth Business Is Already Infected
If you suspect an active malware infection, stay calm and act fast — but carefully. Here's the immediate priority order:
- Isolate the affected device(s) immediately. Disconnect from the network (unplug the ethernet cable or turn off Wi-Fi). Do not turn the machine off — powering down can destroy volatile memory evidence and, in some ransomware variants, triggers faster encryption.
- Contact your IT provider. Call Managed ICT Solutions on +61 8 9242 4511 immediately. Do not attempt to run removal tools yourself without guidance — some actions make forensic investigation harder or can destroy evidence.
- Do not pay any ransom without professional advice. Payment is not guaranteed to result in decryption, funds criminal organisations, and may violate sanctions laws in certain jurisdictions.
- Preserve evidence. Take photos of any ransom notes, error screens or unusual behaviour before taking any remediation steps.
- Notify affected parties if required. Under the Australian Privacy Act's Notifiable Data Breaches scheme, you must notify the OAIC and affected individuals if a data breach is likely to cause serious harm.
- Initiate recovery from clean backups once the threat is fully contained and the attack vector has been closed.
Frequently Asked Questions
What is the difference between malware and a trojan?
Malware is any malicious software — viruses, ransomware, spyware and more. A trojan is a specific type of malware that disguises itself as legitimate software to trick users into installing it. The name comes from the ancient Greek story: the threat is hidden inside something that looks trustworthy.
Is free antivirus software enough to protect my Perth business?
No. Free consumer antivirus tools lack the management features, centralised visibility, behavioural analysis and response capabilities that businesses need. A managed EDR solution gives your IT team (or managed IT provider) real-time visibility across all devices and the ability to respond to threats remotely and immediately.
How much does it cost to protect a Perth business from malware?
A complete layered security stack — EDR, MFA, email filtering, DNS filtering and backup — typically costs between $15–$40 per user per month depending on the solutions chosen. Compare this to the average $97,000 cost of a cyber incident for an Australian SMB. Read our Managed IT Services pricing guide for a detailed cost breakdown.
Can managed IT services help with malware protection?
Absolutely. A good managed IT services provider will deploy, monitor and manage your security stack proactively — including patching, threat monitoring 24/7, email security configuration, backup management and staff training. This is often more cost-effective than trying to manage it in-house, particularly for Perth businesses with 5–100 staff.
Is Your Perth Business Protected from Malware?
Don't wait for an attack to find out the gaps in your defences. Managed ICT Solutions offers a free cybersecurity health check for Perth businesses — we'll assess your current exposure and give you a clear, practical remediation plan.
Book a Free Security Assessment Call (08) 9242 4511