Lately it feels like a day doesn't go by without there being a global news story about a major data breach. In April of 2019 IT World Canada reported that, despite the public's awareness, most Canadian organizations remain unprepared for a cyber incident. Currently 74 percent state that they do not have a response plan that is applied consistently across their entire company. Among the organizations that do have a plan, 59 percent admit to not testing them regularly, or at all. It seems that all of the press and statistical reports have little to no impact on corporate decision makers, which is why it’s important to look at current and tangible examples of attacks that have occurred on our own soil. From these attacks, we hope that you draw the clear conclusion that now is the time to take action to prevent the same from happening to your company.
The City of Stratford Ontario is reeling from a ransomware attack that encrypted City Hall data and locked staff and councillors out of their computer systems. For well over a week the City had to ask local taxpayers to be patient while they worked diligently to unlock and decrypt city systems so that they could return to normal operations (Watch video: this week (Jun 11th), the CBC ran the following news feature of how the city is still reeling over the event).
City Mayor, Dan Mathieson reflects: "... for cyber terrorists, they are not really interested in the information, they are interested in disrupting your ability to function, and that will allow them to get money."
Would your customers be willing to wait a week, or more, before you could return to service their needs? Probably not, especially when a competitor is ready to fulfill those needs on the spot. While the verdict is still out on how cyber criminals were able to initiate the ransomware attack, one thing is clear - if the municipality invested in a better cloud productivity solution they would have not been locked out of their data and still been able to maintain operations. This is just one of many unfortunate examples of why Canadian businesses need to migrate to the cloud.
In March 2019, findings from a city audit uncovered the fact that the City of Ottawa lost approximately $130,000 CAD of taxpayer funds to an email-spoofing scheme. The city treasurer received an email from someone purporting to be the city manager, requesting a $98,000 USD wire transfer to a specified account. Emails between the treasurer and supposed colleague went back and forth until the transaction was completed. It wasn’t until 5 days later when the treasurer received another email requesting an additional $150,000 USD that the attack came to light. When the new email came through, the treasurer’s true colleague was sitting right beside her. They put two and two together and realized the city had fallen victim to cyber fraud, via an advanced form of email phishing known as spearphishing. Spearphishing is an attack that targets a specific individual within an organization, seeking unauthorized access to sensitive information and/or funds. It is often accomplished after a culprit has uncovered personal information about an individual and people they work with so as to seem authentic.
The exponential increase of phishing attacks (and variants) over the past year has it surpassing ransomware as the primary cyber threat to organizations. In addition to providing prevention training to staff and stakeholders, your business will need to adopt better email security. This involves choosing a more secure email provider, adoption of multi-factor authentication (MFA), ongoing reviews of your mail server domain, and having an IT support firm set up more secure email. View our 2019 guide to better email security for your business.
Tier 1 aerospace company Mitsubishi Canada, fell victim to a ransomware cyber heist that lasted for weeks. On March 19 (2019) staff received a notice across their computer screens, reading “Your network has been penetrated”, ending with a demand stating, “You will receive a BTC address for payment”, signed Ryuk. Ryuk is ransomware that comes courtesy of a Russian (with potential North Korea connections) hacking group that has been wreaking havoc across the world for the past two years. In addition to compromised data, the facility went without internet access for weeks.
Over the past year, businesses have been extorted for millions of dollars due to Ryuk. And no, it’s not just enterprises being impacted, as recent reports show that at the onset of 2019 the proliferation of this ransomware strain is making it increasingly common to see small businesses attacked and extorted. Moving forward, your business not only needs to invest in a better cloud productivity solution, it must consider a cloud to cloud backup plan too.
It's often said that all press is good press, but the last thing your business needs is to end up in the headlines for being the victim of a cyber attack. It may be a quick way to put your name out there, but it’s also a fast way to lose current and prospective customers. As a part of our robust IT services and Managed IT support, we offer 24/7 monitoring, ransomware and AV protection, aggressive threat mitigation services, and more. Contact SIRKit today to learn more about how we can protect your data and keep your operations running without interruption.