Nothing is totally safe in today’s technological world – not even Microsoft Office 365’s corporate users. On 22rd June 2016, cybercriminals targeted them with a zero-day ransomware attack spread through phishing emails. The Inquirer explains that 24 hours later, the ransomware encrypted users' documents, photos and files before demanding a ransom to regain access. 'The malware even played a spooky stalker-like audio file alongside a warning message on the screen informing victims that their files have been encrypted', Sooraj Shah writes on 28th June 2016 in ‘Office 365 corporate users targeted with zero-day ransomware attack'.
Shah adds that 'the attack was uncovered by Avanan's cloud security platform on 22 June, and Microsoft detected the attack and started blocking the attachment on 23 June, more than 24 hours later, based on the company's analysis.' Avanan reported that about 57 per cent of all of the organisations using Office 365 on the firm's security platform received at least one copy of the malware in a corporate mailbox during the attack.
In response to the attack, Ryan Barrett, VP of security and privacy at Intermedia comments: 'The most recent zero-day attack targeting Office 365 email users sends a clear message to organisations working to defend themselves against ransomware: it’s only going to get more difficult. Safeguarding sensitive files from ransomware is an important factor in any defence strategy, but how quickly an organisation can get back up and running is equally important. Business continuity solutions, which perform instant mass rollbacks to restore entire file archives to uninfected versions and devices, can prevent encrypted files from being eternally lost in the virtual abyss, minimise the hefty cost of employee downtime and eliminate the need to pay the ransom.'
So what is the impact of such attacks on information and data resilience? Many surveys come up with a value that is different for everyone, but ransomware attacks like this cost more than money. Yes there is a financial cost, but it can also lead to brand and reputational damage. There are other direct and indirect tangible costs associated with such an attack too. Organisations should therefore be working hard to prevent any downtime by having a business and service continuity plan in place. Customers might otherwise elect to jump ship.
However, the impact of such an attack can be quantified in terms of value. For example, hospitals increasingly need medical systems that can help them to diagnose a medical condition or help to save someone’s life. In the aviation industry, flight and air traffic control systems are dependent on information communication technologies to ensure that skies remain safe, and lives depend on them being able to manage air traffic with unimpeded information.
More to the point, corporate companies may not be able to operate at all, and as a result they could lose out to their competitors. For these reasons and more, information resilience requires a senior management mandate from CEOs, CIOs, CFOs and from organisations’ CCOs for the investment in security, business and services continuity, and backup solutions to prevent downtime and reduce the impact of any kind of attack. It’s also worth noting that customer satisfaction and brand value is likely to increase when customers know that their own data is safe and unlikely to fall into criminal hands.
Danny Schofield, Sales and Marketing Director at Expert Security UK highlights the importance of businesses implementing security measures against the threat of terrorism: 'Businesses already had a lot of security issues to bear in mind, and the growing threat of terror has only added to their problems. We’ve noticed a sharp increase in the number of companies coming to us for advice, and many of them say the same thing; they don’t know where to find reliable information about how they can protect themselves against an attack.'
Some industrial sectors have to be compliant with an increasing number of regulations – banking and financial services is but one of them. Yet a good backup and restore solution will increase operational agility and enable compliance with regulatory risk. Audits won’t be failed, protecting a banking institution from being fined for non-compliance. Uptime is therefore a brand and business imperative, and with data acceleration it is possible to backup and restore systems very quickly. However, traditional WAN optimisation tools don’t tend to adequately deal with the effects of network latency. There are solutions on the market that can, however, address this problem.
Speed is essential
Fast backup and restore is essential because downtime is instantly noticeable. It can cause a chain reaction because people are likely to vent their anger or dissatisfaction on social media if a service is affected and downtime ensues. Information and data security will raise similar concerns too. The trouble is that all too often, organisations treat backup and restore solutions like an insurance policy that isn’t worth investing in because they may feel that a cyber-attack is unlikely to happen to them. But then again, they are missing the point of investing in an insurance policy, let alone missing the point of having solutions in place that will enable them to keep work without impediment.
'Online banking appears to be suffering more security breaches today than at any other time in its past. Recent scams have included new strains of ransomware and the rise of so-called "smishing" techniques i.e. phishing by SMS', writes Adrian Bridgwater in his March 2016 article, ‘NatWest online banking suffers SMS 'smishing' scams’, for SC Magazine. He revealed that Natwest and RBS were hacked by some journalists from BBC Radio 4’s You and Yours programme. These ‘smishing’ techniques were used by the journalists to break into a UK citizen’s account and to take some money from it. No doubt the customer concerned would be shocked by this revelation, leading to that person questioning why they as well as their friends, colleagues and family should ever trust these banks with their money.
So much is now done online – not just banking. Shopping is too, and e-commerce makes it easy to switch to a retailer’s competitor within a few clicks. Someone is always waiting in the wings to do a better job. Brand loyalty is hard to win, but easy to lose and so C-level executives need to work together to ensure their systems are secure. And if they fail, they need to ensure that they have solutions that can enable them to recover from either a security breach or another form of cyberattack. In other words, it’s sometimes not that you fail; it’s about how you recover from it. Therefore, the focus should be not how fast you can backup, but on how fast you can recover from an attack or from disruption that can also be caused by natural disasters – such as the Christmas 2015 floods.
Information resilience covers the whole life management of the data, its storage, its backup and archive, access rights, security, data encryption, disaster recovery and destruction. This often requires a cultural change across the organisation, and the realisation that having security, business continuity, services continuity and disaster recovery plans in place is the best insurance policy that an organisation can have in order to protect itself from things such as ransomware attacks and even natural disasters. This has to start with an internal risk and security assessment that is independent from IT to assess how to best protect data, encrypt it, and how to go about regularly testing disaster recovery programmes to ensure that information resilience remains a brand and business imperative.
David Trossell, CEO and CTO of Bridgeworks
Image Credit: Welcomia / Shutterstock