The Tentacle


Cyber Attacks & Ransomware

Earlier this year TEn was the subject of a Cyber Attack of broadly the same sort as that which seriously affected thousands of organisations across the globe on the 12th May. Although the hackers found a ‘chink in our armour’ – which ideally should not have been there – we were fortunate to have further levels of distribution and redundancy behind our front-line defences.

In our case, the Ransomware encrypted the Word, Excel and PowerPoint files on our servers, but could not reach our emails on Office 365, nor our Strata nor our Acturis records. Consequently, we did not stop working other than for a quick re-boot of various machines at lunchtime and our IT team simply restored our non-critical server data back to the previous evening.

Two hours of wasted time and aggravation, but nothing worse than that.

Since then, we immediately closed the loophole that exposed us and rapidly installed a new set of routers that include their own extra barrier of Firewall protection. Frustratingly, these upgraded routers had been delivered prior to the penetration and were sitting in our store room awaiting a convenient time to switch over in our comms cabinets, both in Risborough and in Manchester.

The purpose of Ransomware is to force the unfortunate ‘hackee’ to pay whatever sum is demanded by the hacker, to obtain a password and thus decrypt the compromised data. Clearly, distributing critical systems to cloud providers with the highest levels of cyber protection is a good idea, although even that is no guarantee. If Government Departments and nuclear power stations can get hacked, then nobody is completely safe.

The widespread attack of the 12th May exploited legacy systems such as Windows XP and versions of Windows 7 that had been left un-upgraded (or un-patched) for the last 12 months or so. Therefore, the basic lessons to learn from all of this are as follows:

  • Stay up to date with modern operating systems and security updates
  • Do not seek to protect yourself by keeping all critical systems in-house
  • Don’t put all your IT eggs in one basket, because cloud suppliers are not always immune
  • Adopt sensible levels of password complexity and frequency of change
  • Purchase routers that can sense multiple attempts at entry and close themselves down

Having done the above, it is a good idea to find somebody to attack you, just to see how well you do. Also, get yourself a Cyber Insurance Policy, because you are many times more likely to be hacked than you are to burn down, for which latter eventuality you are undoubtedly covered.
