Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 24th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2018 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

An interesting case study in "duh!"

10 August 2017

Recently the NoPetya attack crippled computer systems around the world.

It wasn't just poorly administered home computers that were hit, it was some of the world's biggest and, one would think, most stringently operated computer networks that went down.

For those who have been living in a cave of late, the NoPetya attack involved a piece of malware that encrypted a computer's files and then demanded a ransom for their decryption. Payment was requested by way of Bitcoin so as to preserve the anonymity of the attackers.

Many private, commercial and government systems around the world fell victim to this attack and those without proper disaster management strategies were badly affected.

The BBC today published a story about one of the worst hit companies, TNT.

The BBC piece shows just how much of a spanner this attack threw into the daily operations of one of the world's largest courier companies.

It is not a pretty picture for the company or its customers.

Even now, some time after the attack, the company is still feeling the after-effects and claims that it is unlikely all the lost data will be recovered.

Where are their backups?

Where are their disaster-management strategies?

Where were the procedures designed to protect their essential IT systems from such malware?

Why were their IT people so asleep at the wheel?

I would certainly hope that TNT spend a lot of time in postmortem, analysing what went wrong and how a repeat of this situation could be avoided in future. I would also hope that other companies and organisations also take note of the way that this simple attack so badly disrupted the company's operations for so long.

Fortunately for TNT, they are owned by FedEx, which means that they're unlikely to go under as a result of the lost business and reputation this attack has produced -- but a smaller company could well have been sent to the wall by such a lack of preparedness.

Following on from yesterday's column... how would this company have coped in the event of a large CME which might also take out their IT systems?

I am amazed that so many very large companies appear to have done so little to protect themselves from the inevitability of disaster.

We need only look at the way other worms and viruses have spread through mission-critical systems to see that perhaps its time there was a major overhaul in the design of the Net and the increasing reliance placed on it by commerce and government.

Is the Net becoming just too unsafe for such things as critical infrastructure management?

Should a parallel network, available only to authorised/certified parties, be built for the purpose of such sensitive systems?

Will we reach the point where sometime (in the not too distant future), all code will have to be digitally signed by a recognised certification authority before it can be run on a Net-connected computer?

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

EV lolly-scramble for taxpayers' money
The government has just announced that it's throwing $3.7 million at a few lucky companies, with a view to increasing EV use in New Zealand...

The race to secure your computer
There's an extremely important race going on right now...

Missile alert, accident or ploy?
Last Sunday, more than a million people on the Island of Honolulu received a txt message advising them that a ballistic missile attack was imminent and that they should take cover...

Hi-tech vs no-tech
I had an interesting weekend...

Crowdfunding via the public purse
Today's column follows on a little from yesterdays because I'm continuing to highlight just how many companies are duping the tech-ignorant (especially politicians) into parting with their cash...

A refreshing taste of honesty
I think we all remember the Martin Jetpack...

Trusting technology?
Airways is the organisation in New Zealand which administers and manages the airspace above our heads...

Bitcoin versus batteries
Confused by the title of today's column? Don't worry, let me explain...

Welcome to 2018
A new year brings new challenges and new opportunities...

Last column of 2017
Well just five days to Christmas and with all the preparation that's needed for my Christmas eve gig, this will be my last column for 2017...

New nuke footage
Some of the most fascinating images every seen are those of nuclear explosions...