The WannaCry ransomware virus is a wake-up call for us all. By what may be a fluke of geography and time zones, it appears that New Zealand was largely spared the full impact of this virus. But I suggest that for many New Zealand businesses this was due to good luck rather than good management; and it’s likely any high-profile businesses that may be affected will be wanting to keep news of an attack under the radar.
While the global impact of this attack is somewhat unprecedented, at the very least I hope we all take the opportunity to learn a lesson from this. Some large businesses were impacted by WannaCry, including those which offer critical services such as healthcare. You might wonder how large businesses could be impacted by such an event – surely these guys have the budget and IT teams to have some pretty good cyber-security in place, right?
While I can only speculate, at this point there are some things to consider. No system is 100% secure, cyber-crime is well resourced and new threats are always emerging - and unfortunately some poor business has to be the first one infected before the good guys can develop a ‘cure’. One reason New Zealand was not impacted as badly as the rest of the world was that most of us were off work enjoying the weekend. It’s frustrating that a large amount of malware is still let in by employees clicking on unsafe email attachments or links; if only they were trained to pause and think before clicking. Surprisingly, it’s still more than 100 days before most organisations notice they have been hacked. This not only means that they are unaware of what might have been stolen or compromised, but also that the clean-up or remediation of an attack is much harder and more costly. Ransomware attacks are the exception in that being locked out of all of your files is a pretty big clue that something is amiss.
Whilst I work for a company that provides cyber-security services to New Zealand businesses, not once did I assume that we would not be impacted. However, because I have a full view of all the policies and systems in place, I’m sure I slept a lot better than most other business owners and IT managers who read about WannaCry and its crippling effect on businesses over the weekend – why?
For a start, Kordia ‘eats its own dog food’, so to speak. Our systems are patched regularly, and our staff have all been cyber-trained and know what to look for in terms of suspicious emails etc. We have firewalls and email security measures in place and we have these pen-tested regularly. In terms of security our walls are pretty high; but remember no system is 100% secure. This is why Unified Security Management (USM) is something any large business doing business online needs to have on their radar. USMs provide businesses with something very valuable in a world that’s filled with online threats. They provide visibility into a network and allow businesses to take swift action in order to minimise detected threats – both inside and outside business hours. In addition, knowing data is backed up in a system that allows immediate recovery if files are locked out by an attack provides added peace of mind.
WannaCry should be a wake-up call for us all. Cyber criminals never sleep and neither should your business’ security practice. However, good security is a process and only as good as the weakest link in the chain. Now is a good time to reflect; even if your perimeter security is good, could a staff member inadvertently let someone in, and if they did, would you be able to spot them? If the answer is no, you may need to get in touch with an external expert.