The Trillion dollar industry
At the time of writing, the Waikato DHB cyber-attack is ongoing. The government is refusing to pay the ransom as a point of principle, and it looks like every possible tool at their disposal is being used to try to recover the situation.
Should they just pay the ransom? Or should the government go further and make it illegal to pay ransoms in New Zealand? That’s the question that Minister Kris Faafoi is having to assess at the moment. DHB attack: Why Justice Minister Kris Faafoi won’t make it illegal to pay a cyber-ransom – NZ Herald
Cyber crime is big business. We’ve called it organised crime in previous articles and we’re happy to stick with that. These organisations recruit the best and brightest out of the top universities, and give them both the latest tools and time to wreak havoc. Their recruits are paid astronomical sums to work for them, overcoming any moral objections with immorally large pay checks. These paychecks are funded by the proceeds of previous hacks. Every time they are paid, their war chest is strengthened. For example, we recently saw the Colonial Pipeline in the eastern US get hacked for 75 bitcoins (just under US$4M) which went to a criminal group called ‘Darkside”.
So, will cutting off payments stop their attacks by removing the incentive?
These criminals are smart and highly motivated. They seem to have no conscience but plenty of greed. Waikato is not only the hospital being brought down – there was a huge wave of hospital attacks in the US in October, just a few months ago – Several hospitals targeted in new wave of ransomware attacks – CNNPolitics.
I don’t know how Waikato DHB got infected, but the rumour is that it was from phishing attacks onto machines that weren’t fully patched up to date. We don’t know if that is true, but it is a common attack vector. Once a hacker gets into a system, they often hold back and try to dig further looking for more vulnerabilities they can exploit. The more damage they can cause, the more ransom they can demand, so they will often use one vulnerability to find the next, and so on until they finally have enough to bring the house down.
Security is all about layers. There is NO way to prevent attacks, and it is impossible to guarantee that any system is invulnerable. We saw that with the recent Hafnium attack where a vulnerability was exploited before patches were available to block it. But the more layers of security, the harder you make it, and you reduce the scope of any harm.
Today, even if you have the best backups and can recover the system, the hackers then threaten to release the data you hold to media or competitors. In the case of the Waikato DHB, it is being reported that personal data is being released to media by the hackers to increase pressure, even as they fail to stand their systems up.
As to paying the ransom, I suspect your perspective changes when your business, your job or livelihood is threatened. Not an easy decision and hopefully one we can avoid by being paranoid.
The best solution we can recommend is to check your cyber insurance and to apply the best security you can reasonably afford, which should be more than you had last year. Expect it to be more again next year as new tools and new threats emerge. Consider managed security solutions like our KARE for Security and more advanced KARE for Security S2 plans.
We don’t know where this will end, or if it will end, but let’s hope so. It is such a drain on our resources and holds us back from investing in tools that make us more productive.
2021 Trend Reports confirms cyber-security advice
How many people DON’T report ransomware attacks? It’s too early to see the Q42021 results from CertNZ but their Q3 report tells there were 2,072 incidents that they responded to in Q3 and fraud/scam’s were up 25%. Their report confirms that the very risks we have been...
Hackers Caught! Millions Seized
Crime doesn’t always pay. The FSB reports (if you can read Russian) that they have taken down the “Revil” band of hackers. These are the people that have caused absolute havoc, from disrupting the US oil pipelines, to the Kaseya attack that took out businesses all...
Do you need to worry about the “Log4J” Cyber Security Zero-Day breach?
Mainstream media is abuzz with the latest software vulnerability. It is in a commonly used component called Log4J 2. This component is in widespread use and the risk is real. This is a fast paced and quickly changing alert. At the time of writing, the immediate...
What’s worse than having to pay Ransomware?
The answer : Having to pay it twice - (or even more). Your Cyber-Security is under more pressure than ever. According to Infosecurity magazine, "double" extortion ransomware victims are up a massive 935% - thats a ten-fold increase year-on-year. This is driven by the...
“Phishmas” – its not that punny
Whatever it takes to draw your attention to Cyber Security is worth it. Just because we take time off at Christmas doesn't mean the hackers do. They have taken a lot of heart from the way we have all embraced home-delivery for our shopping and are doubling down with...
Is your Fingerprint effective security?
Straight out of the movies We are all used to the idea of using our fingerprints to log into our cell phones and, for some of us, our laptops. We’ve been told fingerprints are secure, and effective for ‘biometric authentication’ In the movies, we see finger prints...
Have you been vished?
What is vishing? Vishing is scamming via phone calls, effectively "phishing" by voice, hence the name, Voice phishing - Wikipedia Unfortunately, like many other cyber-attacks, incidents are on the rise. Because the damage is done over a phone call, they are even...
Does the new Chinese PIPL law apply to you?
If you do business in China, you need to know about the “PIPL” It’s the Chinese equivalent of the GDPR from the EU – and your responsibility to protect the data privacy of the Chinese. The law came into being relatively quickly and has already taken effect as at...
Security Training and Awareness offer
We are deploying some new tools for our KARE for Security clients. For a limited time we can share these with all our clients to give you and your colleagues some great e-security awareness training. The holiday season is targeted by scammers, they know that employees...
Helping you with Cyber Insurance Audit Forms
Cyber Security Audits are increasingly common. One cause is that we're seeing more boards ask about cyber security posture, and frankly every board needs to be asking about that. The other major prompt we see is when our clients are applying for cyber security...