What should you do when ‘Evil Corp’ comes to call? (Yes, that’s a real name.)
By now, its well understood that hackers and cyber-criminals are busy and it’s only a matter of time before they hit you. They will keep trying and trying and whether they succeed, or whether your defenses work, the next attempt will follow quickly.
We recently had a client ask “why is multi-factor-authentication (MFA) important?” We were able to show them the attempts to hack their Microsoft account that had happened in the last few days – we were all shocked by the quantum and it highlighted how vital this protection is. It also highlighted how protections that used to seem a little excessive are now the bare minimum.
So in that context, we all know that hackers are more determined, more sophisticated and more prevalent than ever. You can mitigate your risk and make your organisation safer, but you can’t eliminate it. One day, the hackers will get through.
Organisations need to have a plan.
Under the new Privacy Act 2020, organisations now have an obligation to notify stakeholders and the Privacy Commission. Ultimately, this is an exercise in crisis management. One of the lessons I have learned over the years is, when in crisis, own it. It’s tempting to downplay it or be a bit of a Pollyanna, but that generally makes things worse as you lose trust with your audience.
That’s the lesson from Garmin. This is a worldwide business that most of us will recognise from their sporting electronics and GPS solutions. If you haven’t seen already, check out the drama they are going through… https://www.techrepublic.com/article/experts-devastating-ransomware-attack-on-garmin-highlights-danger-of-haphazard-breach-responses/ and https://www.bbc.com/news/technology-53553576
It seems they were aware of the risks and impacts at a theoretical level. They understood there was a liability and an obligation. However, media reports tell a story of that not connecting with the right actions when they fell into the hands of a threat operator with the sinister name of “EVIL CORP”. These threat actors started targeting them and dismantling their defences piece by piece.
There were smaller scale attacks that gained partial access to various parts of their infrastructure, and these laid the platform for a larger scale attack that occurred subsequently. A co-ordinated response to the earlier attacks might have avoided disaster.
In the meantime, if you are relying on their products to help you track your fitness or find your way, we hope you are back online soon! We note the BBC is reporting that the company is, even now, being coy about the attack and being a little opaque. Our view is that we need to take any shame away from these incidents, to recognise that even the best are vulnerable and that even they can only mitigate the risk. By sharing and learning, maybe we can start to get ahead of these cyber criminals!