The Trillion dollar industry
At the time of writing, the Waikato DHB cyber-attack is ongoing. The government is refusing to pay the ransom as a point of principle, and it looks like every possible tool at their disposal is being used to try to recover the situation.
Should they just pay the ransom? Or should the government go further and make it illegal to pay ransoms in New Zealand? That’s the question that Minister Kris Faafoi is having to assess at the moment. DHB attack: Why Justice Minister Kris Faafoi won’t make it illegal to pay a cyber-ransom – NZ Herald
Cyber crime is big business. We’ve called it organised crime in previous articles and we’re happy to stick with that. These organisations recruit the best and brightest out of the top universities, and give them both the latest tools and time to wreak havoc. Their recruits are paid astronomical sums to work for them, overcoming any moral objections with immorally large pay checks. These paychecks are funded by the proceeds of previous hacks. Every time they are paid, their war chest is strengthened. For example, we recently saw the Colonial Pipeline in the eastern US get hacked for 75 bitcoins (just under US$4M) which went to a criminal group called ‘Darkside”.
So, will cutting off payments stop their attacks by removing the incentive?
These criminals are smart and highly motivated. They seem to have no conscience but plenty of greed. Waikato is not only the hospital being brought down – there was a huge wave of hospital attacks in the US in October, just a few months ago – Several hospitals targeted in new wave of ransomware attacks – CNNPolitics.
I don’t know how Waikato DHB got infected, but the rumour is that it was from phishing attacks onto machines that weren’t fully patched up to date. We don’t know if that is true, but it is a common attack vector. Once a hacker gets into a system, they often hold back and try to dig further looking for more vulnerabilities they can exploit. The more damage they can cause, the more ransom they can demand, so they will often use one vulnerability to find the next, and so on until they finally have enough to bring the house down.
Security is all about layers. There is NO way to prevent attacks, and it is impossible to guarantee that any system is invulnerable. We saw that with the recent Hafnium attack where a vulnerability was exploited before patches were available to block it. But the more layers of security, the harder you make it, and you reduce the scope of any harm.
Today, even if you have the best backups and can recover the system, the hackers then threaten to release the data you hold to media or competitors. In the case of the Waikato DHB, it is being reported that personal data is being released to media by the hackers to increase pressure, even as they fail to stand their systems up.
As to paying the ransom, I suspect your perspective changes when your business, your job or livelihood is threatened. Not an easy decision and hopefully one we can avoid by being paranoid.
The best solution we can recommend is to check your cyber insurance and to apply the best security you can reasonably afford, which should be more than you had last year. Expect it to be more again next year as new tools and new threats emerge. Consider managed security solutions like our KARE for Security and more advanced KARE for Security S2 plans.
We don’t know where this will end, or if it will end, but let’s hope so. It is such a drain on our resources and holds us back from investing in tools that make us more productive.
REWATCH Cyber Lessons from the field.
What can we learn from recent NZ cyber-events? What is real and what is hyperbole? Scroll down for the MFA revelation - it will surprise you!Introducing Campbell McKenzie from Incident Response, the team called in after cyber-events to help clean up and manage the...
REWATCH Did you know that, on average, 1.2 million Microsoft accounts get compromised every month?
Did you know that, on average, 1.2 million Microsoft accounts get compromised every month? According to Microsoft, 99.9% of hacked accounts didn't use MFA, and only 11% of all accounts have MFA enabled. The average cost of a ransomware security breach is $4.62...
What level of cyber-security is right for my organisation?
The world is changing. Your company's cyber security is increasingly under threat and the costs of mitigation are often unwelcome. The first question organisations need to ask is whether they are exposed, and to what level. All the available data from sources like...
How many of these 10 layers of cyber protection do you use?
"A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.” - Combating Ransomware - A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force. The message we hear from governance boards over...
The scammers are closing in on us.
Hacks don’t just happen to other people. The hackers are targeting all of us, every day. Every day, we have to defend them successfully. They only have to be successful onceWe all read about stories in the newspaper and there might be a sense of smugness that we...
What do YOU need to know about Juice Jacking?
You might get more than you bargained for. That sense of relief when you see a public USB charging point might be misplaced. There are increasing numbers of public USB charging points around. From aircraft and buses to fast-food restaurants, cafes, shopping malls and...
Is your licensing legit? Don’t be scammed
Don't get fooled! One of the great advantages of subscription software is that the licensing is easier to verify. The days of people copying license codes are over. That makes this scam even more interesting, simply because the product they refer to is subscription...
Webinar Replay : Updating what is ‘reasonable’ to protect your organisation from cyber-crime.
Cyber-security gets harder, so we make it easier. Much as the heading may sound 'double-dutch', it isn't. Simply, the levels of protection that are 'reasonable' to protect your organisation have changed. We need to do more, and at Kinetics we know that...
Even chatGPT gets cyber-security!
When I asked chatGPT for a poem about cyber-security, here's what it said: (wish I could be as original!) In the land of Aotearoa, where the kauri trees grow tall, Cybersecurity is vital, we must protect our digital all. Patching our systems is the first line of...
Is Cyber-insurance worth it?
Every day we see stories in the newspaper about cyber-attacks. Years agio they seemed a bit remote, but lately they've been getting closer to home. Many businesses are responding by taking on cyber-insurance. But is it worth it? When you sign up, you are asked...