Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 25th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2019 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Ransomware... is anyone safe?

27 July 2020

Ransomware attacks seem to be increasing at an alarming rate.

Indeed, my last column was about just such an attack that resulted in a significant number of universities and other organisations being affected in a very negative way.

Today, the media is carrying reports that another large company has been "possibly" hit by such an attack that has not only scuttled its ability to provide support services for its customers but even taken out its phone network

That company is Garmin, perhaps the world's biggest name in personal GPS devices.

As a result of what is speculated to be a ransomware attack, many of Garmin's customers are without access to services that are essential to getting the maximum use out of the company's devices.

Those affected include pilots, fitness fanatics and others.

This BBC story provides some detail on that situation.

However, Garmin are not alone in being crippled by such attacks. It seems that a growing number of companies with household names are falling victim to those who would seek to extort money from them.

One has to wonder... how will this end?

Surely large multi-national corporations have all the possible security measures in place to prevent such attacks. How are the villains getting their code onto such systems?

Are there a whole bunch of zero-day vulnerabilities being exploited here?

Is it just (as is most often the case) simply some social engineering being used to trick naive users into downloading the ransomware code?

And is the ransomware game a viable career choice for up and coming hackers?

All these questions need to be answered, yet I don't see a lot of answers out there.

If you rely on data stored on a computer for the very survival of your business, what steps have you put in place to prevent or mitigate the effects of a ransomware attack?

Yeah, we should all have a meticulously adhered to schedule of backups that should (at least in theory) allow us to recover from such an attack with the loss of no more than a few hours worth of data. But is this actually happening in larger companies?

Gathering by the level of disruption being seen and the number of ransoms being paid I strongly suspect that backups are not being given the priority they should be. It's hard to feel sympathy for any company that operates on a "she'll be right" basis like this.

Of course every challenge also represents an opportunity.

I wonder how long before (if they haven't already) entrepreneurs start offering services designed to manage the risks and fallout from ransomware attacks.

At a very basic level, such companies could simply offer an alternative backup service -- perhaps an automated inter-cloud transfer capability that would mirror several generations of a company's critical data in encrypted format on their own computers. In the event of a ransomware attack, this automated backup could be transferred back to the client's system in a matter of minutes (enough bandwidth allowing) and it would act as another level of data-redundancy over and above the company and cloud-provider's own backups.

I'm sure such services already exist but perhaps a rebranding or repackaging into "anti-ransom insurance" would make them lot more attractive and an easier sell in the present climate.

Whatever the case, it sure seems like *everyone* needs to take ransomware attacks very seriously and be prepared. Not to do so would be commercial suicide.

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

The EZ Battery Reconditioning scam

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

I am in trouble (again)
Yes, it seems that I always end up kicking hornets' nests...

Google the omnipontent
Music streaming services are now very popular...

China watches the world
The eyes of the state are upon us...

Complex solutions to simple problems
Over 120 years ago, Nikola Tesla demonstrated that electrical energy can be transferred across open space without wires...

Goodbye Libraries?
As a kid growing up in the late 1950s and 1960s, I spent a huge portion of my life in the local town library...

Sigh... CAA... again!
As long-time readers will know, I've bumped heads with CAA on one or two occasions in the past...

Picking winners(??) again
The New Zealand government has an appalling record when it comes to picking winners in the sci-tech fields...

Need money? Just sue a tech giant
Tech giants like Google, Microsoft, Amazon et al are turning into a great souce of revenue for cash-strapped governments around the world...

Ransomware... is anyone safe?
Ransomware attacks seem to be increasing at an alarming rate...

Cloudbursts, a new IT problem?
Into every life a little rain must fall...

Scam-central online
Get your free lunches here! ...