Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 25th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2019 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Ransomware... is anyone safe?

27 July 2020

Ransomware attacks seem to be increasing at an alarming rate.

Indeed, my last column was about just such an attack that resulted in a significant number of universities and other organisations being affected in a very negative way.

Today, the media is carrying reports that another large company has been "possibly" hit by such an attack that has not only scuttled its ability to provide support services for its customers but even taken out its phone network

That company is Garmin, perhaps the world's biggest name in personal GPS devices.

As a result of what is speculated to be a ransomware attack, many of Garmin's customers are without access to services that are essential to getting the maximum use out of the company's devices.

Those affected include pilots, fitness fanatics and others.

This BBC story provides some detail on that situation.

However, Garmin are not alone in being crippled by such attacks. It seems that a growing number of companies with household names are falling victim to those who would seek to extort money from them.

One has to wonder... how will this end?

Surely large multi-national corporations have all the possible security measures in place to prevent such attacks. How are the villains getting their code onto such systems?

Are there a whole bunch of zero-day vulnerabilities being exploited here?

Is it just (as is most often the case) simply some social engineering being used to trick naive users into downloading the ransomware code?

And is the ransomware game a viable career choice for up and coming hackers?

All these questions need to be answered, yet I don't see a lot of answers out there.

If you rely on data stored on a computer for the very survival of your business, what steps have you put in place to prevent or mitigate the effects of a ransomware attack?

Yeah, we should all have a meticulously adhered to schedule of backups that should (at least in theory) allow us to recover from such an attack with the loss of no more than a few hours worth of data. But is this actually happening in larger companies?

Gathering by the level of disruption being seen and the number of ransoms being paid I strongly suspect that backups are not being given the priority they should be. It's hard to feel sympathy for any company that operates on a "she'll be right" basis like this.

Of course every challenge also represents an opportunity.

I wonder how long before (if they haven't already) entrepreneurs start offering services designed to manage the risks and fallout from ransomware attacks.

At a very basic level, such companies could simply offer an alternative backup service -- perhaps an automated inter-cloud transfer capability that would mirror several generations of a company's critical data in encrypted format on their own computers. In the event of a ransomware attack, this automated backup could be transferred back to the client's system in a matter of minutes (enough bandwidth allowing) and it would act as another level of data-redundancy over and above the company and cloud-provider's own backups.

I'm sure such services already exist but perhaps a rebranding or repackaging into "anti-ransom insurance" would make them lot more attractive and an easier sell in the present climate.

Whatever the case, it sure seems like *everyone* needs to take ransomware attacks very seriously and be prepared. Not to do so would be commercial suicide.

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

The EZ Battery Reconditioning scam

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

Google needs dismantling
Google was a great idea and a great company, many years ago...

The best job is...
When I was a kid, most of my peers wanted to be firemen, policemen builders or plumbers...

The big backfire?
The world is headed for economic turmoil...

The rest of your life
Like most teenagers, I gave very little thought as to what I'd be doing half a century down the line...

Where are we headed?
As the world lurches from crisis to crisis, catastrophe to calamity and plunges head-long into an abyss of uncertainty, one can only wonder what will happen next...

Most satisfying
Over the decades I have designed, built and commissioned many bits of bespoke technology...

Politicians, some are nasty
With the NZ economy tanking to the tune of a 12 percent contraction, the last thing I wanted to hear yesterday were the words of National Leader Judith Collins...

Spark, what are you thinking?
Spark has stated in the media that it has a goal of getting up to 40 per cent of its broadband customers on to wireless technology by 2023...

The sky is falling again
What a terrible place the world has become...

The current "Big Thing"
Every now and then, a "big thing" comes along...

Python versus BASIC
Prepare your inner geek...