Cyber-attacks often result in serious disruption to victims, interrupting normal operations and leading to financial pain in the form of lost sales, lost business, and increased damage to reputation.
A recent study by security firm Sophos revealed just under a third of companies reported costs related to ransomware attacks of between $17k and $85k. A similar proportion of companies reported hits of between $170k and $850k, 12 percent from $850k to $8.5 million, with 6 percent of companies reporting losses of between $1.7 and $17 million.
Meanwhile, even though it’s difficult to accurately measure, we know anecdotally that brand damage stemming from any sort of security breach is increasing.
New laws for protecting user privacy and holding companies to account when it’s put at risk make it mandatory to notify the authorities, which invariably leads to some form of public humiliation or shaming.
And while difficult to measure, most executives would agree few things are worse for a company than this.
Australia’s Notifiable Data Breach (NDB) regulations impose heavy penalties including fines upwards from $1 million for companies that fail to report events that put their customers’ privacy at risk. In effect from mid-May 2018, the EU’s GDPR (General Data Protection Regulation) sends a similar message.
Revelations in early May that Australia’s largest bank, CBA, lost backup data covering more than 15 years of customer statements in 2016 reinforce the old maxim: ‘the bigger they are, the harder they fall’.
People associate large organisations like banks with strength and invincibility, so when they stumble the ripples can reach far and wide, eroding customer trust and ultimately damaging brands. Sony, Yahoo, Google and most recently Facebook know this all too well.
How much data protection is enough?
Anti-malware, data protection and privacy regulations are forever playing catch-up with cyber crooks.
One of the most sobering findings of the Sophos report was that a full two-thirds of companies were running the most up-to-date version of their IT security solutions when they were breached.
Even just a few years ago, this was the best most companies could do, because ransomware and most other sorts of threats infiltrated organisations via familiar means.
Those could be a poorly chosen password, a user duped by a fraudster into handing over their user name and password, or someone opening an attachment without thinking.
Now we are seeing a shift away from these sorts of attacks, where some form of social engineering is involved, towards attacks crafted around a specific ‘exploit’ of a system vulnerability.
WannaCry, otherwise known as WannaCrypt, affected more than 230,000 computers in over 150 countries – including Australia – with the NHS, Spanish telco Telefonica and German state railways among the worst affected.
Following just months later, Petya was similarly disruptive, wreaking havoc among such recognisable brands as media giant WPP, food company Mondelez, law firm DLA Piper and Danish shipping company Maersk.
Both pieces of malware relied on ‘exploits’ targeting vulnerabilities in the Windows operating system, rather than on tricking a user.
Shadow IT and cyber security
Today companies face security threats from more fronts than ever before, and among the most alarming are those that exist within the organisation.
As staff become ever more accustomed to working offsite with remote devices, while availing themselves of cheap or free cloud-based systems and applications, it’s becoming harder for IT managers to maintain proper security. This so-called shadow IT has become one of the key issues dominating conversations around cyber security today.
Of course, it’s a quid pro quo – the ability of your staff to communicate freely and access information wherever they are, from any device or application, creates powerful opportunities to develop more meaningful customer relationships.
On the other hand, too much freedom and a loss of control over ‘endpoints’ can lead to those same customers turning to a competitor at the first hint that their payment or other personal information may have been compromised.
Talk to Brennan IT today to start mapping out a security strategy that makes sense for your organisation and your customers, and avoid getting into the news for all the wrong reasons.