The Trillion dollar industry
At the time of writing, the Waikato DHB cyber-attack is ongoing. The government is refusing to pay the ransom as a point of principle, and it looks like every possible tool at their disposal is being used to try to recover the situation.
Should they just pay the ransom? Or should the government go further and make it illegal to pay ransoms in New Zealand? That’s the question that Minister Kris Faafoi is having to assess at the moment. DHB attack: Why Justice Minister Kris Faafoi won’t make it illegal to pay a cyber-ransom – NZ Herald
Cyber crime is big business. We’ve called it organised crime in previous articles and we’re happy to stick with that. These organisations recruit the best and brightest out of the top universities, and give them both the latest tools and time to wreak havoc. Their recruits are paid astronomical sums to work for them, overcoming any moral objections with immorally large pay checks. These paychecks are funded by the proceeds of previous hacks. Every time they are paid, their war chest is strengthened. For example, we recently saw the Colonial Pipeline in the eastern US get hacked for 75 bitcoins (just under US$4M) which went to a criminal group called ‘Darkside”.
So, will cutting off payments stop their attacks by removing the incentive?
These criminals are smart and highly motivated. They seem to have no conscience but plenty of greed. Waikato is not only the hospital being brought down – there was a huge wave of hospital attacks in the US in October, just a few months ago – Several hospitals targeted in new wave of ransomware attacks – CNNPolitics.
I don’t know how Waikato DHB got infected, but the rumour is that it was from phishing attacks onto machines that weren’t fully patched up to date. We don’t know if that is true, but it is a common attack vector. Once a hacker gets into a system, they often hold back and try to dig further looking for more vulnerabilities they can exploit. The more damage they can cause, the more ransom they can demand, so they will often use one vulnerability to find the next, and so on until they finally have enough to bring the house down.
Security is all about layers. There is NO way to prevent attacks, and it is impossible to guarantee that any system is invulnerable. We saw that with the recent Hafnium attack where a vulnerability was exploited before patches were available to block it. But the more layers of security, the harder you make it, and you reduce the scope of any harm.
Today, even if you have the best backups and can recover the system, the hackers then threaten to release the data you hold to media or competitors. In the case of the Waikato DHB, it is being reported that personal data is being released to media by the hackers to increase pressure, even as they fail to stand their systems up.
As to paying the ransom, I suspect your perspective changes when your business, your job or livelihood is threatened. Not an easy decision and hopefully one we can avoid by being paranoid.
The best solution we can recommend is to check your cyber insurance and to apply the best security you can reasonably afford, which should be more than you had last year. Expect it to be more again next year as new tools and new threats emerge. Consider managed security solutions like our KARE Plans.
We don’t know where this will end, or if it will end, but let’s hope so. It is such a drain on our resources and holds us back from investing in tools that make us more productive.
Another drawing pen app from Microsoft and why you should use OneNote and Whiteboard
Collaborate more efficiently Microsoft Garage is their ‘skunk works’ programme to encourage employees to do things they care about. Small teams run their own ideas and trial them – a bit of an ongoing Hackathon. Many of these ideas go on to become part of Microsoft...
Bursting the bubble – what to think about before crossing the ditch?
With the Australian travel bubble opening up, many people are starting to think about heading across to see family, friends or business partners. The government has been very clear about their traffic lights, and a “flyer beware” stance, so we’ve got to be a little cautious and plan ahead. You might be planning to head across for just a day or two, but its prudent to be prepared for a longer stay.
FVLB – Migration to Azure Cloud Services
Overview The Film and Video Labelling Body (FVLB) is a not for profit organisation that is responsible for rating films that are made available to the public. The Labelling Body: Rates unrestricted films Cross-rates unrestricted films that have been rated in...
Don’t click!
We're seeing this phishing attack over and over this week. Your first clue that something is wrong is it doesn't look like voicemail emails you might typically receive. Unless you have a brand new voicemail/phone system these shouldn't change format! The second clue...
Zero-Trust IT Security
'Zero-Trust' is a tough headline. Zero-trust in a world where we trust people all the time is an unpleasant concept. We trust that when we order a package online, that the vendor will take our order and not just our money, that our product will be passed to a courier...
We are who we know
Managing contacts has become more important than ever. Here’s a few tips on how to make use of smart tools built into Outlook: 1. Rather than exchange business cards (so last century)... Share your contact details using Linked In – just hit the box on the right of the...
What is “Dark Mode”? Why should you consider it?
With all our warnings about cyber-hackers, you’d be forgiven for thinking this was another hazard. But no! Dark Mode is a good thing! You can activate it on Windows 10 by going to Settings – Personalization – Colors and picking Dark. Most phones also offer the same...
What does IT mean to you?
Who do you call when you need to : update your IT usage or data privacy policies manage your internal IT staff? select new business software, e.g. CRM or financial software? accelerate a process or break a business processing log-jam? Traditionally businesses think of...
5 simple steps to stay cloud-cyber-secure
We’ve posted repeatedly about cyber-security and the need to be more vigilant and more careful, and we’ve shared real-world stories to reinforce the concern. It’s a concern then that we still see a number of organisations that remain reluctant to increase their...
What are we about?
"Who" is sometimes just as important as "what"? As a client, you know what we do. But we thought you might want to know more about "who we are". By that we mean, "what are we about". When you boil it down, the Kinetics mission is to help our communities. That is...