Japanese carmaker Honda confirmed last Tuesday that it had halted production at its Sayama, Japan plant because of a recurrence of the now infamous WannaCry ransomware. The plant, which produces roughly 1,000 vehicles a day, was shut down on Monday after Honda found the malware on its networks in Japan, North America, Europe, China and other regions, despite the company's efforts to secure those networks after the initial WannaCry outbreak in May.
With the EU General Data Protection Regulation (GDPR) applying from this time next year (25 May 2018, to be exact), organisations anywhere in the world that process the personal data of people in the EU could find themselves in breach of the regulation, and facing substantial fines, if they fail to prevent a ransomware attack, phishing attack or similar that compromises that data. The message is finally getting out: something needs to be done about ransomware, and fast.
How could ransomware cause a breach of GDPR?
As noted in this RTE article by @AengusCox, data protection and governance expert @DaraghOBrien, Managing Director of Castlebridge Associates, points out that GDPR is all about accountability. Organisations must not only comply with the regulation but also be able to demonstrate compliance, with documented evidence of the controls, processes and technology they have in place to protect the personal data they hold on people in the EU (including their staff, customers, vendors and third parties).
Daragh confirms that a ransomware infection could indeed be treated as a breach of GDPR by the Data Protection Commissioner, because ransomware typically affects both the availability of personal data and access to it, and can also prevent its recovery. GDPR's definition of a personal data breach covers the accidental or unlawful destruction, loss or alteration of personal data, not only its disclosure, so data that has been encrypted and cannot be restored qualifies even if nothing ever leaves the network. Some ransomware families also upload personal data to the attackers before encrypting it, which is a clear data breach and a major breach of the GDPR.
As GDPR comes more sharply into focus over the coming year, security experts predict that criminals will move to stealing data with more advanced ransomware and then blackmailing victims by threatening to report them to the Data Protection Commissioner.
What can be done?
In the RTE video interview, Daragh notes that security awareness training for staff is now crucial. Businesses urgently need to train their staff to recognise phishing emails and to avoid clicking the links and attachments in them.
Many may not yet realise that Article 39(1)(b) of the GDPR lists awareness-raising and training of staff involved in processing operations among the mandatory tasks of the Data Protection Officer, so organisations that must appoint a DPO cannot treat security awareness training for staff who handle personal data as optional.
By now, anyone who has not been under a rock for the last couple of weeks has heard about the worldwide WannaCry (Wana Decrypt0r) ransomware attack that began in earnest on Friday 12 May 2017. The ransomware caused major disruption to the IT systems of some 40 National Health Service (NHS) hospitals across the UK, where most non-emergency operations were suspended, and hit an estimated 200,000 further victims in at least 150 countries, including several banks, Renault, Nissan, FedEx, Telefónica, Deutsche Bahn (German Railways) and even the Russian Interior Ministry.
How Did This Happen?
Early reports from security vendors attributed the infections to unsuspecting users clicking a link or attachment in a spam email, and phishing remains the most common way ransomware gets a first foothold. WannaCry, however, was different in one important respect: once inside a network it spread on its own as a worm, exploiting the SMBv1 vulnerability that Microsoft had patched in March 2017 (MS17-010, the "EternalBlue" exploit). A single unpatched Windows host reachable over port 445 was enough, and no click was required from anyone else on the network.
The last few years, and countless data breaches, have shown that human error from phishing and social engineering, often due to a lack of security awareness training, is among the leading causes of cyber-attacks, ransomware infections and data breaches worldwide. Companies, including hospitals, that have not invested in security awareness training and in ongoing testing of their staff with simulated phishing emails (to keep them alert to the latest scams) will continue to be the most vulnerable to this and similar future attacks. WannaCry is also a reminder that awareness alone is not enough: applying MS17-010 and retiring SMBv1 would have stopped the worm regardless of what any user clicked.
Train staff, install next-generation security and disable macros: the latest fileless malware exploits a lack of all three to steal data.
I'm afraid the days when standard security such as anti-virus software was enough are gone. Cybercriminals now use clandestine techniques that abuse standard system tools and protocols, such as PowerShell and DNS, which are not always monitored.
The latest example of such an attack is DNSMessenger, a Remote Access Trojan (RAT) that is delivered by a macro in a Word document and then uses DNS TXT queries to retrieve and run malicious PowerShell commands on compromised computers. Because its traffic looks like ordinary DNS and it is fileless, leaving little on disk for anti-virus to scan, the RAT is difficult to detect on targeted systems. Just like their physical counterparts, without a trap in place (a next-generation detection system that watches for this kind of behaviour) these rats won't be caught and will end up causing untold damage.
Read on for the next-generation security you need to protect your business from these advanced threats.
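A concrete trap for the DNS technique described above, as an added example that is not code from the original post or from any vendor: DNSMessenger pulled its PowerShell stages through DNS TXT lookups, so a resolver or firewall log can be scored for three signals that ordinary mail-related TXT traffic (SPF, DMARC) does not show: an unusual number of TXT queries from one client to one domain, high-entropy subdomain labels carrying encoded data, and TXT answers far larger than a typical SPF record. The log line format, the client addresses, the attacker domain `cmd-relay.net` and the thresholds are all assumptions made for this example, and the sample log is constructed.

```python
"""Flag DNS query logs that look like TXT-record command delivery.

Added example, not code from the page or from any vendor. The log format,
domains and thresholds are assumptions for the example.
"""
import math
import re
from collections import defaultdict

# Assumed log line format: "<epoch> <client_ip> <qtype> <qname> <rcode> <answer_bytes>"
LOG_RE = re.compile(
    r"^(?P<ts>\d+)\s+(?P<client>\S+)\s+(?P<qtype>\S+)\s+(?P<qname>\S+)\s+"
    r"(?P<rcode>\S+)\s+(?P<alen>\d+)$"
)


def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking hex or base32 scores well above English words."""
    if not s:
        return 0.0
    n = len(s)
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registered_domain(qname: str) -> str:
    """Naive last-two-labels split; a real deployment would use the public suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def subdomain_part(qname: str, domain: str) -> str:
    """Everything left of the registered domain, or '' for a query on the apex itself."""
    q = qname.rstrip(".").lower()
    return q[: -(len(domain) + 1)] if q.endswith("." + domain) else ""


def parse_line(line: str):
    m = LOG_RE.match(line.strip())
    if not m:
        return None  # lines that do not match the assumed format are ignored
    rec = m.groupdict()
    rec["ts"], rec["alen"] = int(rec["ts"]), int(rec["alen"])
    return rec


def detect_dns_c2(lines, min_txt=5, min_entropy=3.5, max_txt_answer=255):
    """Return findings as dicts with client, domain and a list of reasons."""
    groups = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["qtype"] == "TXT":
            groups[(rec["client"], registered_domain(rec["qname"]))].append(rec)
    findings = []
    for (client, domain), recs in sorted(groups.items()):
        reasons = []
        if len(recs) >= min_txt:
            reasons.append(f"{len(recs)} TXT queries to {domain}")
        ent = max(shannon_entropy(subdomain_part(r["qname"], domain)) for r in recs)
        if ent >= min_entropy:
            reasons.append(f"high-entropy subdomain labels ({ent:.2f} bits/char)")
        big = max(r["alen"] for r in recs)
        if big > max_txt_answer:
            reasons.append(f"oversized TXT answer ({big} bytes)")
        if reasons:
            findings.append({"client": client, "domain": domain, "reasons": reasons})
    return findings


# Constructed sample log: one workstation doing normal mail-related lookups,
# one pulling encoded stages through TXT records of an assumed attacker domain.
SAMPLE_LOG = """\
1496822400 10.0.0.5 A www.example.com NOERROR 16
1496822401 10.0.0.5 TXT example.com NOERROR 120
1496822402 10.0.0.5 TXT _dmarc.example.com NOERROR 60
1496822410 10.0.0.7 TXT a3f9b1c7e204d6.cmd-relay.net NOERROR 1300
1496822411 10.0.0.7 TXT 8e2c4f6a1b3d09.cmd-relay.net NOERROR 1300
1496822412 10.0.0.7 TXT 5d7e9f0a2b4c68.cmd-relay.net NOERROR 1300
1496822413 10.0.0.7 TXT c1b2a3f4e5d607.cmd-relay.net NOERROR 1300
1496822414 10.0.0.7 TXT 0f1e2d3c4b5a69.cmd-relay.net NOERROR 1300
1496822415 10.0.0.7 TXT 9a8b7c6d5e4f01.cmd-relay.net NOERROR 1300
"""

if __name__ == "__main__":
    for f in detect_dns_c2(SAMPLE_LOG.splitlines()):
        print(f"{f['client']} -> {f['domain']}: " + "; ".join(f["reasons"]))
```

Run against the constructed log, the mail lookups from 10.0.0.5 produce no finding, while 10.0.0.7 trips all three rules. The thresholds deserve tuning per environment: legitimate TXT traffic (SPF, DKIM, domain verification) is usually a handful of queries with short, readable labels and answers well under 255 bytes, which is why those three signals separate well. Scoring per (client, domain) pair rather than per query is what keeps low-and-slow beaconing visible.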
If your favourite website or internet service wasn't accessible or working properly yesterday, it may not have been just you.
Yesterday, Amazon Web Services' S3 storage service, which hosts well over a hundred thousand websites, suffered a major outage lasting between four and five hours. Many popular websites (Netflix, Instagram, Spotify, Pinterest, Slack, Trello, Buzzfeed, Reddit, IFTTT, Quora, Splitwise and Medium, to name a few) use S3, and their users may have experienced slowness or errors in accessing those services.
Unbeknownst to users who know Amazon only for its online shopping site, Amazon Web Services is a giant provider of the back end of the Internet. It provides cloud storage and computing services to companies so they don't have to build their own server farms, allowing them to deploy computing capacity rapidly without investing in infrastructure.
While not all AWS customers were affected by the outage of one of AWS's main storage systems, many experienced slow website response times after a large portion of S3 went offline. Amazon was unable to update its own service health dashboard for the first two hours of the outage because the dashboard itself depended on S3.
“We’ve identified the issue as high error rates with S3 in US-EAST-1,” Amazon explains on its services tracking page, adding that the issue “is also impacting applications and services dependent on S3.”
The issue appears to have been resolved, but incidents like this are a great reminder of how much of the internet relies on just a handful of huge companies to keep it running, and of the fact that even a company the size of Amazon can have unforeseen issues that cause downtime. Unfortunately, there will always be "ghosts" in the machine, and just like cyber-attacks, downtime at some stage is inevitable for nearly every business. It's a case of "when", not "if", it will happen to you. That's why it's so important to have a backup, disaster recovery and business continuity plan for your own business, so you are prepared to keep operating and serving your customers when problems happen. For a service like S3, that means not assuming that a single region will always be available, and knowing in advance what your own systems do when it isn't.