If you haven’t revised your disaster recovery plan for a while, consider a sobering statistic: cyber breaches across the UK finance sector were up 1000% in 2018, a figure that emerged from a Freedom of Information request to the Financial Conduct Authority. This trend is not purely a problem for finance; it will be reflected in any industry that is an attractive target for cybercriminals.
Making sure your disaster recovery plan reflects the modern landscape of risk is a regular task every business needs to undertake. Risks are not fixed in stone but change and evolve: new issues loom on the horizon as old threats recede in the corporate rear-view mirror.
Two years ago, ransomware was the looming threat and WannaCry was the hot news: a virulent ransomware strain that caused panic for a few days in May 2017.
WannaCry has now receded into corporate memory. The ransomware was highly effective, infecting 200,000 systems in 150 countries over the course of a single weekend; in the event, it was thwarted more by luck than judgement.
Monetisation by the cybercriminals controlling the ransomware was inefficient and patchy. Estimates of the income from WannaCry are approximately £50,000; basically, they were unable to exploit the ransomware to its full potential.
Sadly, the organisations behind it haven’t gone away, and the indications so far this year are that it’s back and they have learnt their lessons.
The resurgence has been fuelled by several factors. The cost of entry has never been lower for prospective cybercriminals: ransomware is now available using a franchise model, so no real technical knowledge is required, just criminal intent.
Of course, criminals need victims. This presents no issue, as the data required for a campaign can be readily acquired and, due to a glut of information, at a record low cost. High-grade personally identifiable data records from data breaches are regularly traded on the Dark Web. (Have I Been Pwned)
This year’s trend is the targeting of prospective victims (individuals, companies and industries) to maximise the earning potential. Witness recent events at Norsk Hydro, which suffered a targeted attack in March and, having decided not to pay the ransom, is still in the process of recovering its systems four months on, at an estimated cost of £52M.
It is little wonder that many victims or their insurance companies pay the ransom rather than try to remediate.
It would logically follow that companies deciding to pay the ransom also don’t notify the Information Commissioner, and so probably don’t initially hit the headlines. Until, of course, the breach comes to light because customer and supplier data is tracked back to an unreported breach. How many unknown victims in finance, accountancy, travel and tour operators, hotel chains and so on are sitting on a ticking time bomb?
Making sure your company has layers of protection and effective backup regimes is one way we help our customers. We also help you create effective disaster recovery policies to put your business back on track in the shortest possible time.